Gal Zror
Twitter:
@waveburst
Homepage:
http://bar/
GitHub:
waveburst
Keybase:
qux
POSTS
Aruba in Chains: Chaining Vulnerabilities for Fun and Profit
15-Jul 2021
CVE-2021-25155
CVE-2021-25156
CVE-2021-25157
CVE-2021-25158
CVE-2021-25159
CVE-2021-25160
CVE-2021-25161
CVE-2021-25162
Don't Ruck Us Again - The Exploit Returns
14-Oct 2020
CVE-2020-13913
CVE-2020-13914
CVE-2020-13915
CVE-2020-13916
CVE-2020-13918
CVE-2020-13917
Don't Ruck Us Too Hard - Owning Ruckus AP devices
14-Jan 2020
CVE-2019-19834
CVE-2019-19835
CVE-2019-19836
CVE-2019-19837
CVE-2019-19838
CVE-2019-19839
CVE-2019-19840
CVE-2019-19841
CVE-2019-19842
CVE-2019-19843
VULNS
03/09/21
CVE-2021-25155
Authenticated Arbitrary File Write via Web UI (cplogo-install)
03/09/21
CVE-2021-25162
Unauthenticated Command Injection via Web UI
03/09/21
CVE-2021-25161
Authenticated Reflected Cross-Site Scripting (cp_perview)
03/09/21
CVE-2021-25160
Authenticated Arbitrary File Write via Web UI to Specific Backup File
03/09/21
CVE-2021-25159
Authenticated Arbitrary File Write via Web UI (cp-upload)
03/09/21
CVE-2021-25158
Unauthenticated Arbitrary File Read via Race Condition Vulnerability
03/09/21
CVE-2021-25157
Authenticated Arbitrary File Read via Web UI (cplogo-install)
03/09/21
CVE-2021-25156
Authenticated Arbitrary Directory Create via Web UI (cplogo-install)
06/07/20
CVE-2020-13917
rkscli jailbreak
06/07/20
CVE-2020-13919
Authenticated command injection in emfd/libemf
06/07/20
CVE-2020-13918
Information leakage from /upnp.jsp
06/07/20
CVE-2020-13916
Stack buffer overflow in webs
06/07/20
CVE-2020-13915
Unauthenticated admin credentials overwrite
06/07/20
CVE-2020-13914
Webserver denial of service
06/07/20
CVE-2020-13913
XSS in /admin/_wla_cmdstat.jsp
12/17/19
ALEPH-2019014
Ruckus CLI (rkscli) jailbreak
12/17/19
CVE-2019-19843
Admin credentials leakage
12/17/19
CVE-2019-19842
Remote command injection via a crafted HTTP request (cmdSpectraAnalysis)
12/17/19
CVE-2019-19841
Remote command injection via a crafted HTTP request (cmdPacketCapture)
12/17/19
CVE-2019-19840
Stack buffer overflow in zap executable
12/17/19
CVE-2019-19839
Remote command injection via a crafted HTTP request (cmdImportCategory)
12/17/19
CVE-2019-19838
Remote command injection via a crafted HTTP request (cmdImportAvpPort)
12/17/19
CVE-2019-19837
Information disclosure vulnerability
12/17/19
CVE-2019-19836
Remote code execution vulnerability via zap
12/17/19
CVE-2019-19835
SSRF vulnerability in zap
12/17/19
CVE-2019-19834
Ruckus CLI (ruckus_cli2) jailbreak