cancel
Showing results for 
Search instead for 
Did you mean: 

Unleased 200.13.6.1.319 - Dropbear CVE-2020-36254 - False Positive or Mitigated?

al_butler_gvr54
New Contributor

Unleashed APs are being detected as vulnerable to CVE-2020-36254

Summary

  • Dropbear is mishandling the filename of . or an empty filename.

Vulnerability Detection Result

  • Installed version: 2018.76 Fixed version: 2020.79 Installation path / port: 22/tcp

Impact

  • Successful exploitation would allow an attacker to modify the permissions of the target directory on the client side.

Can someone advise if this is mitigated or a false positive?

3 REPLIES 3

aalvarez6
RUCKUS Team Member

Hello, 

Thank you for your question, I'm from the unleashed department. 

To answer your query, our APs should not be vulnerable to CVE-2020-36254. 

 

Best Regards,

Ayleth Alvarez | Sr Technical Support Engineer | TAC Wired

sanjay_kumar
RUCKUS Team Member

Hi @al_butler_gvr54 
Could you please confirm the Unleashed version running on the APs?

Hi @al_butler_gvr54 
Please ignore, as Ayleth confirmed, CVE-2020-36254 is not affected for our APs.