E20-a4xr1
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
1
Year:
2020
Description
An authentication bypass vulnerability exists in Ruckus IoT Controller 1.5.1.0.21 and prior. The vulnerability exists due to a hardcoded token used when the 'Authorization' HTTP header has a specific value. By sending a crafted HTTP request, a remote attacker may obtain unauthorized access to the device.