
SmartZone-100 product has security vulnerabilities. Hackers can use the UDP 9001 port to launch DDoS reflection amplification attacks

li_xiang
New Contributor

I am a security researcher from Baidu. Recently, we have detected a large number of hacking incidents from DDoS attacks initiated on the UDP 9001 port on the SmartZone-100 device. Great harm!!!

Refer to my screenshot for details. My phone number is 18903860673.

My email address is 18903860673@163.com. I come from Baidu in China. Hope you guys get back to me as soon as possible.

[Image: three screenshots attached to the post]

grodog-prod
Contributor II

@li_xiang and @parikshith_nagaraj_aa0004 and @syamantak_omer: you're still able to read and access this thread after we shifted it private, correct?

Allan.

Allan T. Grohe Jr.
==
Knowledge Management Program Director
for RUCKUS Customer Services & Support

@allan_grohe Yes, we can access the IP and port through the UDP protocol and receive excessive response packets. Can you tell me what service is opened on port 9001? It should not be es, but filebeat? What is the specific service?

@syamantak_omer and @parikshith_nagaraj_aa0004 can help you better than me on that front, @li_xiang---I'm not technical in our products like they are!

Allan.


syamantakomer
Community Admin

Hi All,

This vulnerability has been fixed by our engineering team.

Refer to the security advisory at the link below.

https://support.ruckuswireless.com/security_bulletins/312


Syamantak Omer
Sr. Staff TSE | CWNA | CCNA | RCWA | RASZA | RICXI
RUCKUS Networks, CommScope!