Description
Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ZD10.0.0.x, ZD10.0.1.x (less than 10.0.1.0.17 MR1 release) and Ruckus Wireless Unleashed AP Firmware releases 200.0.x, 200.1.x, 200.2.x, 200.3.x, 200.4.x. contain OS Command Injection vulnerabilities that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system by appending those commands in the Common Name field in the Certificate Generation Request.
Published: 2017-10-13
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2017-15285 Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ZD10.0.0.x, ZD10.0.1.x (less than 10.0.1.0.17 MR1 release) and Ruckus Wireless Unleashed AP Firmware releases 200.0.x, 200.1.x, 200.2.x, 200.3.x, 200.4.x. contain OS Command Injection vulnerabilities that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system by appending those commands in the Common Name field in the Certificate Generation Request.
History

No history.

Subscriptions

Ruckuswireless Unleashed Unleashed Firmware Zonedirector Zonedirector Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: brocade

Published:

Updated: 2024-09-16T18:34:15.776Z

Reserved: 2017-02-23T00:00:00.000Z

Link: CVE-2017-6224

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-10-13T17:29:01.160

Modified: 2026-05-13T00:24:29.033

Link: CVE-2017-6224

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses