Gal Zror

Gal Zror
Twitter:	@waveburst
Homepage:	http://bar/
GitHub:	waveburst
Keybase:	qux

POSTS

Aruba in Chains: Chaining Vulnerabilities for Fun and Profit

15-Jul 2021
,

CVE-2021-25155

CVE-2021-25156

CVE-2021-25157

CVE-2021-25158

CVE-2021-25159

CVE-2021-25160

CVE-2021-25161

CVE-2021-25162
Don't Ruck Us Again - The Exploit Returns

14-Oct 2020
,

CVE-2020-13913

CVE-2020-13914

CVE-2020-13915

CVE-2020-13916

CVE-2020-13918

CVE-2020-13917
Don't Ruck Us Too Hard - Owning Ruckus AP devices

14-Jan 2020
,

CVE-2019-19834

CVE-2019-19835

CVE-2019-19836

CVE-2019-19837

CVE-2019-19838

CVE-2019-19839

CVE-2019-19840

CVE-2019-19841

CVE-2019-19842

CVE-2019-19843

VULNS

03/09/21

CVE-2021-25155
Authenticated Arbitrary File Write via Web UI (cplogo-install)
03/09/21

CVE-2021-25162
Unauthenticated Command Injection via Web UI
03/09/21

CVE-2021-25161
Authenticated Reflected Cross-Site Scripting (cp_perview)
03/09/21

CVE-2021-25160
Authenticated Arbitrary File Write via Web UI to Specific Backup File
03/09/21

CVE-2021-25159
Authenticated Arbitrary File Write via Web UI (cp-upload)
03/09/21

CVE-2021-25158
Unauthenticated Arbitrary File Read via Race Condition Vulnerability
03/09/21

CVE-2021-25157
Authenticated Arbitrary File Read via Web UI (cplogo-install)
03/09/21

CVE-2021-25156
Authenticated Arbitrary Directory Create via Web UI (cplogo-install)
06/07/20

CVE-2020-13917
rkscli jailbreak
06/07/20

CVE-2020-13919
Authenticated command injection in emfd/libemf
06/07/20

CVE-2020-13918
Infromation leakage from /upnp.jsp
06/07/20

CVE-2020-13916
Stack buffer overflow in webs
06/07/20

CVE-2020-13915
Unauthenticated admin credentials overwrite
06/07/20

CVE-2020-13914
Webserver denial fo service
06/07/20

CVE-2020-13913
XSS in /admin/_wla_cmdstat.jsp
12/17/19

ALEPH-2019014
Ruckus CLI (rkscli) jailbreak
12/17/19

CVE-2019-19843
Admin credentials leakage
12/17/19

CVE-2019-19842
Remote command injection via a crafted HTTP request (cmdSpectraAnalysis)
12/17/19

CVE-2019-19841
Remote command injection via a crafted HTTP request (cmdPacketCapture)
12/17/19

CVE-2019-19840
Stack buffer overflow in zap executable
12/17/19

CVE-2019-19839
Remote command injection via a crafted HTTP request (cmdImportCategory)
12/17/19

CVE-2019-19838
Remote command injection via a crafted HTTP request (cmdImportAvpPort)
12/17/19

CVE-2019-19837
Information disclosure vulnerability
12/17/19

CVE-2019-19836
Remote code execution vulnerability via zap
12/17/19

CVE-2019-19835
SSRF vulnerability in zap
12/17/19

CVE-2019-19834
Ruckus CLI (ruckus_cli2) jailbreak