CVE-2020-22662

CVSS V2 None CVSS V3 None
Description
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized "illegal region code" by remote code Execution command injection which leads to run illegal frequency with maxi output power. Vulnerability allows attacker to create an arbitrary amount of ssid wlans interface per radio which creates overhead over noise (the default max limit is 8 ssid only per radio in solo AP). Vulnerability allows attacker to unlock hidden regions by privilege command injection in WEB GUI.
Overview
  • CVE ID
  • CVE-2020-22662
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-20T19:15:13
  • Last Modified Date
  • 2023-02-01T21:34:48
Weakness Enumerations
CWE URL
CWE-77 http://cwe.mitre.org/data/definitions/77.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:ruckuswireless:r310_firmware:10.5.1.0.199:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:r500_firmware:10.5.1.0.199:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:r600_firmware:10.5.1.0.199:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:t300_firmware:10.5.1.0.199:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:t301n_firmware:10.5.1.0.199:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:t301s_firmware:10.5.1.0.199:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:scg200_firmware:*:*:*:*:*:*:*:* 1 OR 3.6.2.0.795
cpe:2.3:h:ruckuswireless:scg200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:* 1 OR 3.6.2.0.795
cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:* 1 OR 3.6.2.0.795
cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:* 1 OR 3.6.2.0.795
cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:zonedirector_1100_firmware:9.10.2.0.130:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ruckuswireless:zonedirector_1100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:10.2.1.0.218:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:zonedirector_3000_firmware:10.2.1.0.218:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ruckuswireless:zonedirector_3000:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:ruckuswireless:zonedirector_5000_firmware:10.0.1.0.151:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ruckuswireless:zonedirector_5000:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://support.ruckuswireless.com/security_bulletins/302
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2020-22662
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22662
History
Created Old Value New Value Data Type Notes
2023-01-20 21:14:04 Added to TrackCVE
2023-01-23 15:14:19 2023-01-23T15:08:08 CVE Modified Date updated
2023-01-23 15:14:19 Received Awaiting Analysis Vulnerability Status updated
2023-01-27 17:15:33 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-02-01 23:14:29 2023-02-01T21:34:48 CVE Modified Date updated
2023-02-01 23:14:29 Undergoing Analysis Analyzed Vulnerability Status updated
2023-02-01 23:14:29 Weakness Enumeration new
2023-02-01 23:14:30 CPE Information updated