https://community.ruckuswireless.com/t5/Unleashed/Unleased-200-13-6-1-319-Dropbear-CVE-2020-36254-False-Positive/m-p/55688#M4961 <P>Hi&nbsp;<a href="https://community.ruckuswireless.com/t5/user/viewprofilepage/user-id/11100">@al_butler_gvr54</a>&nbsp;<BR />Please ignore, as Ayleth confirmed,&nbsp;<SPAN>CVE-2020-36254 is not affected for our APs.</SPAN></P> Thu, 23 Mar 2023 04:45:34 GMT sanjay_kumar 2023-03-23T04:45:34Z https://community.ruckuswireless.com/t5/Unleashed/Unleased-200-13-6-1-319-Dropbear-CVE-2020-36254-False-Positive/m-p/49185#M4686 <P>Unleashed APs are being detected as vulnerable to&nbsp;CVE-2020-36254</P><P><STRONG>Summary</STRONG></P><UL><LI>Dropbear is mishandling the filename of . or an empty filename.</LI></UL><P><STRONG>Vulnerability Detection Result</STRONG></P><UL><LI>Installed version: 2018.76 Fixed version: 2020.79 Installation path / port: 22/tcp</LI></UL><P><STRONG>Impact</STRONG></P><UL><LI>Successful exploitation would allow an attacker to modify the permissions of the target directory on the client side.</LI></UL><P>Can someone advise if this is mitigated or a false positive?</P> Thu, 01 Dec 2022 15:03:04 GMT https://community.ruckuswireless.com/t5/Unleashed/Unleased-200-13-6-1-319-Dropbear-CVE-2020-36254-False-Positive/m-p/49185#M4686 al_butler_gvr54 2022-12-01T15:03:04Z https://community.ruckuswireless.com/t5/Unleashed/Unleased-200-13-6-1-319-Dropbear-CVE-2020-36254-False-Positive/m-p/55659#M4958 <P>Hello,&nbsp;</P><P>Thank you for your question, I'm from the unleashed department.&nbsp;</P><P><SPAN>To answer your query, our APs should not be vulnerable to CVE-2020-36254.&nbsp;</SPAN></P><P>&nbsp;</P><P>Best Regards,</P><P>Ayleth Alvarez | Sr Technical Support Engineer | TAC Wired</P> Wed, 22 Mar 2023 20:12:39 GMT https://community.ruckuswireless.com/t5/Unleashed/Unleased-200-13-6-1-319-Dropbear-CVE-2020-36254-False-Positive/m-p/55659#M4958 aalvarez6 2023-03-22T20:12:39Z https://community.ruckuswireless.com/t5/Unleashed/Unleased-200-13-6-1-319-Dropbear-CVE-2020-36254-False-Positive/m-p/55680#M4959 <P>Hi&nbsp;<a href="https://community.ruckuswireless.com/t5/user/viewprofilepage/user-id/11100">@al_butler_gvr54</a>&nbsp;<BR />Could you please confirm the Unleashed version running on the APs?</P> Thu, 23 Mar 2023 02:49:54 GMT https://community.ruckuswireless.com/t5/Unleashed/Unleased-200-13-6-1-319-Dropbear-CVE-2020-36254-False-Positive/m-p/55680#M4959 sanjay_kumar 2023-03-23T02:49:54Z https://community.ruckuswireless.com/t5/Unleashed/Unleased-200-13-6-1-319-Dropbear-CVE-2020-36254-False-Positive/m-p/55688#M4961 <P>Hi&nbsp;<a href="https://community.ruckuswireless.com/t5/user/viewprofilepage/user-id/11100">@al_butler_gvr54</a>&nbsp;<BR />Please ignore, as Ayleth confirmed,&nbsp;<SPAN>CVE-2020-36254 is not affected for our APs.</SPAN></P> Thu, 23 Mar 2023 04:45:34 GMT https://community.ruckuswireless.com/t5/Unleashed/Unleased-200-13-6-1-319-Dropbear-CVE-2020-36254-False-Positive/m-p/55688#M4961 sanjay_kumar 2023-03-23T04:45:34Z