Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ZD10.0.0.x, ZD10.0.1.x (less than 10.0.1.0.17 MR1 release) and Ruckus Wireless Unleashed AP Firmware releases 200.0.x, 200.1.x, 200.2.x, 200.3.x, 200.4.x. contain OS Command Injection vulnerabilities that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system by appending those commands in the Common Name field in the Certificate Generation Request.
References
Link | Resource |
---|---|
https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-092917.txt | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: brocade
Published: 2017-09-27T00:00:00
Updated: 2017-10-13T16:57:01
Reserved: 2017-02-23T00:00:00
Link: CVE-2017-6224
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-10-13T17:29:01.160
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-6224
JSON object: View
Redhat Information
No data.
CWE