rkscli jailbreak

Aleph Research Advisory

Identifier

Severity

High

Product

- ZoneDirector
- Unleashed

Vulnerable Version

- ZoneDirector: 9.9 and before
- ZoneDirector: 9.10.x
- ZoneDirector: 9.12.x
- ZoneDirector: 9.13.x
- ZoneDirector: 10.0.x
- ZoneDirector: 10.1.x
- ZoneDirector: 10.2.x
- ZoneDirector: 10.3.x
- Unleashed: 200.6 and before
- Unleashed: 200.7

Technical Details

rkscli in Ruckus Wireless Unleashed through 200.7.10.62 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command.

Information about the exploitation of this vulnerability can be found in our 36C3 talk.

Timeline

  • 05-Feb-20: Reported to Ruckus Product Security Team
  • 15-Jun-20: Patch
  • 07-Jun-20: CVE-2020-13917 assigned
  • 05-Aug-20: Public disclosure

Credit

  • waveburst of Aleph Research, HCL Software