Vulnerability Description
Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ruckuswireless | Unleashed Firmware | <= 200.7.10.102.92 |
| Ruckuswireless | C110 | - |
| Ruckuswireless | E510 | - |
| Ruckuswireless | H320 | - |
| Ruckuswireless | H510 | - |
| Ruckuswireless | M510 | - |
| Ruckuswireless | R310 | - |
| Ruckuswireless | R320 | - |
| Ruckuswireless | R500 | - |
| Ruckuswireless | R510 | - |
| Ruckuswireless | R600 | - |
| Ruckuswireless | R610 | - |
| Ruckuswireless | R710 | - |
| Ruckuswireless | R720 | - |
| Ruckuswireless | R750 | - |
| Ruckuswireless | T300 | - |
| Ruckuswireless | T301N | - |
| Ruckuswireless | T301S | - |
| Ruckuswireless | T310C | - |
| Ruckuswireless | T310D | - |
Related Weaknesses (CWE)
References
- https://support.ruckuswireless.com/security_bulletins/304Vendor Advisory
- https://support.ruckuswireless.com/security_bulletins/304Vendor Advisory
FAQ
What is CVE-2020-13915?
CVE-2020-13915 is a vulnerability with a CVSS score of 7.5 (HIGH). Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affect...
How severe is CVE-2020-13915?
CVE-2020-13915 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-13915?
Check the references section above for vendor advisories and patch information. Affected products include: Ruckuswireless Unleashed Firmware, Ruckuswireless C110, Ruckuswireless E510, Ruckuswireless H320, Ruckuswireless H510.