Monday, October 26, 2020
CVE-2020-26879
nist.gov
In: nist.gov
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header. CVE-2020-26879