CommScope RUCKUS Community Forums

li_xiang · ‎07-05-2021

I am a security researcher from Baidu，Recently, we have detected a large number of hacking incidents from ddos attacks initiated on the UDP9001 port on the SmartZone-100 device. Great harm!!!

Refer to my screenshot for details.my phone number is 18903860673

My email address is 18903860673@163.com， I come from Baidu in China，Hope you guys get back to me as soon as possible，

Image_ images_messages_60e2e826343e2b0bb01b8590_219bd35fad14c5417a7d39494614700d_1-26b24858-5030-47b4-b43a-b44b450c4a75-46734060.png

Image_ images_messages_60e2e826343e2b0bb01b8590_f0303439659a2da30844ab8530b7fbb5_4-bf56df6d-8c4f-4824-a102-978858c41c8a-49504623.png

Image_ images_messages_60e2e826343e2b0bb01b8590_08d613990b078e9c2e92d2c3c5c6df48_5-37ecab71-5b48-4656-8707-bac7a4541638-50428144.png

grodog-prod · ‎07-06-2021

@li_xiang and @parikshith_nagaraj_aa0004 and @syamantak_omer : you're still able to read and access this thread after we shifted it private, correct?

Allan.

Allan T. Grohe Jr.
==
Knowledge Management Program Director
for RUCKUS Customer Services & Support

li_xiang · ‎07-06-2021

@allan_grohe Yes, we can access ip and port through UDP protocol and receive excessive response packets. Can you tell me what service is opened on port 9001? It should not be es, but filebeat? What is the specific service?

grodog-prod · ‎07-07-2021

@syamantak_omer and @parikshith_nagaraj_aa0004 can help you better then me on that front, @li_xiang---I'm not technical in our products like they are!

Allan.

Allan T. Grohe Jr.
==
Knowledge Management Program Director
for RUCKUS Customer Services & Support

syamantakomer · ‎07-21-2021

Hi All,

This vulnerabilities has been fixed by our engineering team.

Refer the security advisory from the below link.

https://support.ruckuswireless.com/security_bulletins/312

CommScope RUCKUS Community Forums

SmartZone-100 product has security vulnerabilities.Hackers can use udp9001 port to launch ddos reflection amplification attack