A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said...
7.5CVSS
5.8AI Score
0.0005EPSS
A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Management Interface. The manipulation of the argument ecn-up leads to command injection. It is possible to initiate the attack remotely....
8.8CVSS
9AI Score
0.001EPSS
A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and...
8.8CVSS
8.8AI Score
0.002EPSS
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and...
7.5CVSS
7.4AI Score
0.004EPSS
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and...
7.5CVSS
0.004EPSS
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and...
7.5CVSS
7.4AI Score
0.004EPSS
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and...
7.6AI Score
0.004EPSS
A security issue was found in EdgePower 24V/54V firmware v1.7.0 and earlier where, due to missing CSRF protections, an attacker would have been able to perform unauthorized remote code...
8.8CVSS
8.9AI Score
0.001EPSS
9.8CVSS
9.6AI Score
0.027EPSS
9.8CVSS
9.5AI Score
0.027EPSS
9.8CVSS
9.4AI Score
0.027EPSS
9.6AI Score
0.027EPSS
8.8CVSS
9.1AI Score
0.004EPSS
An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only users could obtain unauthorized information through SNMP community...
6.5CVSS
6.2AI Score
0.001EPSS
8.8CVSS
9.1AI Score
0.004EPSS
An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only users could obtain unauthorized information through SNMP community...
6.5CVSS
6.1AI Score
0.001EPSS
An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only users could obtain unauthorized information through SNMP community...
6.5CVSS
6.1AI Score
0.001EPSS
8.8CVSS
9.1AI Score
0.004EPSS
9.2AI Score
0.004EPSS
An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only users could obtain unauthorized information through SNMP community...
6.2AI Score
0.001EPSS
pppd vulnerable to buffer overflow due to a flaw in EAP packet processing
Overview pppd (Point to Point Protocol Daemon) versions 2.4.2 through 2.4.8 are vulnerable to buffer overflow due to a flaw in Extensible Authentication Protocol (EAP) packet processing in eap_request and eap_response subroutines. Description PPP is the protocol used for establishing internet...
9.8CVSS
0.5AI Score
0.211EPSS
Ubiquiti Inc.: SNMP Community String Disclosure to ReadOnly Users on EdgeSwitch
Read only users could execute unauthorized tasks and through SNMP community string pages. These vulnerabilities were found on EdgeSwitch 1G switch (ESWH) and EdgeSwitch 10G switch (ESGH) firmware v1.9.0. The fix for these vulnerabilities were included in the EdgeMax EdgeSwitch firmware v1.9.1 ...
6.5CVSS
1.6AI Score
0.001EPSS
Ubiquiti Inc.: Readonly to Root Privilege Escalation on EdgeSwitch
An authenticated read-only user can execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges. These vulnerabilities were found on EdgeSwitch 1G switch (ESWH) and EdgeSwitch 10G switch (ESGH) firmware v1.9.0. The fix for these vulnerabilities were included in...
8.8CVSS
1.9AI Score
0.004EPSS
Ubiquiti Inc.: Web Server Predictable Session ID on EdgeSwitch
In EdgeSwitch legacy web interface the SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection. These vulnerabilities were found on EdgeSwitch 1G switch (ESWH) and EdgeSwitch 10G switch (ESGH) firmware v1.9.0. The fix for.....
9.8CVSS
1AI Score
0.027EPSS
Exploit for Allocation of Resources Without Limits or Throttling in Ui Er-X Firmware
Resource Consumption DOS on Edgemax v1.10.6 Resource...
7.5CVSS
1.7AI Score
0.005EPSS
Ubiquiti EdgeMAX < 2.0.3 DoS Vulnerability
Ubiquiti EdgeMAX devices are prone to a denial of service...
7.5CVSS
7.5AI Score
0.005EPSS
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The...
7.5CVSS
7.5AI Score
0.005EPSS
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The...
7.5CVSS
7.5AI Score
0.005EPSS
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The...
7.5CVSS
7.5AI Score
0.005EPSS
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The...
7.5AI Score
0.005EPSS
Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as...
7.2CVSS
7.4AI Score
0.001EPSS
DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted...
4.9CVSS
5.1AI Score
0.001EPSS
Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as...
7.2CVSS
7.3AI Score
0.001EPSS
DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted...
4.9CVSS
5.1AI Score
0.001EPSS
DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted...
4.9CVSS
5.1AI Score
0.001EPSS
Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as...
7.2CVSS
7.4AI Score
0.001EPSS
Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as...
7.4AI Score
0.001EPSS
DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted...
5.1AI Score
0.001EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows to execute shell commands under the root...
8.8CVSS
8.8AI Score
0.001EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows to execute shell commands under the root...
8.8CVSS
8.9AI Score
0.001EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwarding" (SOCKS proxy) functionalities. Remote attackers without credentials can exploit this bug to access local services or forward traffic through the device if...
4.8CVSS
5.2AI Score
0.002EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate privileges to...
8.8CVSS
9AI Score
0.001EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows to execute shell commands under the root...
8.8CVSS
8.9AI Score
0.001EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate privileges to...
8.8CVSS
9.1AI Score
0.001EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwarding" (SOCKS proxy) functionalities. Remote attackers without credentials can exploit this bug to access local services or forward traffic through the device if...
4.8CVSS
5.2AI Score
0.002EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwarding" (SOCKS proxy) functionalities. Remote attackers without credentials can exploit this bug to access local services or forward traffic through the device if...
4.8CVSS
5.2AI Score
0.002EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate privileges to...
8.8CVSS
9AI Score
0.001EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwarding" (SOCKS proxy) functionalities. Remote attackers without credentials can exploit this bug to access local services or forward traffic through the device if...
5.3AI Score
0.002EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate privileges to...
9.1AI Score
0.001EPSS
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows to execute shell commands under the root...
8.9AI Score
0.001EPSS