<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: Unleashed R510 CVE's in Unleashed</title>
    <link>https://community.ruckuswireless.com/t5/Unleashed/Unleashed-R510-CVE-s/m-p/113602#M7284</link>
    <description>&lt;P&gt;Hi,&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;CVE-2020-36254 :&amp;nbsp;&lt;/STRONG&gt;Our AP should not be vulnerable to CVE-2020-36254 for the following reasons:&lt;BR /&gt;1. Our scp binary should be from OpenSSH rather than Dropbear, which is not vulnerable to the above CVE.&lt;BR /&gt;2. Even if the binary is from Dropbear, there is no interface to scp from standard UI (our box is a closed system), hence the vulnerability shouldn’t be exploitable.&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;&lt;STRONG&gt;CVE-2021-36369 :&amp;nbsp;&lt;/STRONG&gt;Currently, the Dropbear version in the firmware (200.18) is v2018.76 which is the same as the firmware 200.15.6.212.20 and 200.15.6.212.27. And there is no plan to upgrade to version 2020.81. Instead, we will be replacing Dropbear with OpenSSH in release (200.19), which will include a fix.&lt;BR /&gt;&lt;BR /&gt;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;CVE-2023-48795 :&amp;nbsp;&lt;/STRONG&gt; &lt;SPAN&gt;Refers to a vulnerability in OpenSSH, potentially allowing attackers to exploit weaknesses in SSH encryption algorithms. APs do not support the vulnerable cipher and therefore are not affected by this. Thus, Unleashed is not vulnerable to CVE-2023-48795.&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;&lt;SPAN&gt;CVE-2019-12953,&amp;nbsp;&lt;/SPAN&gt;CVE-2018-15599 :&amp;nbsp;&lt;/STRONG&gt;Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames.&lt;BR /&gt;Our product Ruckus Unleashed is not using the Dropbear password verify, so it's not vulnerable to this.&lt;BR /&gt;&lt;BR /&gt;&lt;BR /&gt;Overall, 200.19 will be using OpenSSH instead of Dropbear, so upgrading to 200.19 will be a feasible solution.&lt;/P&gt;</description>
    <pubDate>Tue, 31 Mar 2026 03:14:50 GMT</pubDate>
    <dc:creator>sanjay_kumar</dc:creator>
    <dc:date>2026-03-31T03:14:50Z</dc:date>
    <item>
      <title>Unleashed R510 CVE's</title>
      <link>https://community.ruckuswireless.com/t5/Unleashed/Unleashed-R510-CVE-s/m-p/113597#M7283</link>
      <description>&lt;P&gt;Hi&lt;/P&gt;&lt;P&gt;We have had a cyber security scan and the Ruckus is showing 5 critical CVEs. I have updated the Unleashed network to the latest version 200.15.6.212.27 but the CVEs still show. Are these false or do I need to do something else to fix? All point to&amp;nbsp;&lt;SPAN&gt;dropbear_ssh_project.&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;CVE-2020-36254 -&amp;nbsp;scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;CVE-2021-36369 -&amp;nbsp;An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;CVE-2023-48795 -&amp;nbsp;The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack.
This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;CVE-2018-15599 -&amp;nbsp;The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;CVE-2019-12953 -&amp;nbsp;Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Mon, 30 Mar 2026 22:21:02 GMT</pubDate>
      <guid>https://community.ruckuswireless.com/t5/Unleashed/Unleashed-R510-CVE-s/m-p/113597#M7283</guid>
      <dc:creator>KazTech</dc:creator>
      <dc:date>2026-03-30T22:21:02Z</dc:date>
    </item>
    <item>
      <title>Re: Unleashed R510 CVE's</title>
      <link>https://community.ruckuswireless.com/t5/Unleashed/Unleashed-R510-CVE-s/m-p/113602#M7284</link>
      <description>&lt;P&gt;Hi,&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;CVE-2020-36254 :&amp;nbsp;&lt;/STRONG&gt;Our AP should not be vulnerable to CVE-2020-36254 for the following reasons:&lt;BR /&gt;1. Our scp binary should be from OpenSSH rather than Dropbear, which is not vulnerable to the above CVE.&lt;BR /&gt;2. Even if the binary is from Dropbear, there is no interface to scp from standard UI (our box is a closed system), hence the vulnerability shouldn’t be exploitable.&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;&lt;STRONG&gt;CVE-2021-36369 :&amp;nbsp;&lt;/STRONG&gt;Currently, the Dropbear version in the firmware (200.18) is v2018.76 which is the same as the firmware 200.15.6.212.20 and 200.15.6.212.27. And there is no plan to upgrade to version 2020.81. Instead, we will be replacing Dropbear with OpenSSH in release (200.19), which will include a fix.&lt;BR /&gt;&lt;BR /&gt;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;CVE-2023-48795 :&amp;nbsp;&lt;/STRONG&gt; &lt;SPAN&gt;Refers to a vulnerability in OpenSSH, potentially allowing attackers to exploit weaknesses in SSH encryption algorithms. APs do not support the vulnerable cipher and therefore are not affected by this. Thus, Unleashed is not vulnerable to CVE-2023-48795.&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;&lt;SPAN&gt;CVE-2019-12953,&amp;nbsp;&lt;/SPAN&gt;CVE-2018-15599 :&amp;nbsp;&lt;/STRONG&gt;Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames.&lt;BR /&gt;Our product Ruckus Unleashed is not using the Dropbear password verify, so it's not vulnerable to this.&lt;BR /&gt;&lt;BR /&gt;&lt;BR /&gt;Overall, 200.19 will be using OpenSSH instead of Dropbear, so upgrading to 200.19 will be a feasible solution.&lt;/P&gt;</description>
      <pubDate>Tue, 31 Mar 2026 03:14:50 GMT</pubDate>
      <guid>https://community.ruckuswireless.com/t5/Unleashed/Unleashed-R510-CVE-s/m-p/113602#M7284</guid>
      <dc:creator>sanjay_kumar</dc:creator>
      <dc:date>2026-03-31T03:14:50Z</dc:date>
    </item>
  </channel>
</rss>

