CVE-2017-6223

Summary

Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less than 9.13.0.0.232 contain OS Command Injection vulnerabilities in the ping functionality that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system.

Affected Software

VendorProductVersion RangeStatus
Brocade Communications Systems, Inc.Zone Director Controller FirmwareZD9.9.xaffected
Brocade Communications Systems, Inc.Zone Director Controller FirmwareZD9.10.xaffected
Brocade Communications Systems, Inc.Zone Director Controller FirmwareZD9.13.0.xaffected

Weaknesses

  • Authenticated Root Command Injection

ADP Enrichment

CVE Program Container

Additional References

References