Vulnerabilities (CVE)

Filtered by vendor Commscope Subscribe
Filtered by product Ruckus Zoneflex R500 Firmware
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-8830 1 Commscope 2 Ruckus Zoneflex R500, Ruckus Zoneflex R500 Firmware 2024-11-21 6.8 MEDIUM 8.8 HIGH
CSRF in login.asp on Ruckus devices allows an attacker to access the panel, and use SSRF to perform scraping or other analysis via the SUBCA-1 field on the Wireless Admin screen.
CVE-2020-8033 1 Commscope 2 Ruckus Zoneflex R500, Ruckus Zoneflex R500 Firmware 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Ruckus R500 3.4.2.0.384 devices allow XSS via the index.asp Device Name field.
CVE-2020-7983 1 Commscope 2 Ruckus Zoneflex R500, Ruckus Zoneflex R500 Firmware 2024-11-21 5.8 MEDIUM 8.1 HIGH
A CSRF issue in login.asp on Ruckus R500 3.4.2.0.384 devices allows remote attackers to access the panel or conduct SSRF attacks.