Sonicwall Signatures
Go to
All Categories
list.
Ruckus IoT Controller Authentication Bypass
Category:
IoT-ATTACKS
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26879
© SonicWall 2020 |
Privacy Policy
|
Conditions for use
Version: 10.0
