JD Cloud AX6600 安全漏洞

JD Cloud AX6600 is an edge computing router developed by JD.com, a Chinese company. Versions of JD Cloud AX6600 such as 4.5.1.r4533 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect handling of parameters in the file/jdcapi, which may lead to remote privilege...

EUVD-2024-19815

Malicious code in bioql PyPI...

CVE-2023-23912

A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways USG Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected devic...

CVE-2023-2379

A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Service. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

CVE-2023-2376

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been classified as critical. Affected is an unknown function of the component Web Management Interface. The manipulation of the argument dpi leads to command injection. It is possible to launch the attack remotely. Th...

Cisco SD-WAN vEdge 安全漏洞

The Cisco SD-WAN vEdge is a router from Cisco USA. A security vulnerability exists in the Cisco SD-WAN vEdge that originates from not properly handling certain types of incorrectly formatted UDP packets...

CVE-2024-22246

VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router...

CVE-2023-2376

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been classified as critical. Affected is an unknown function of the component Web Management Interface. The manipulation of the argument dpi leads to command injection. It is possible to launch the attack remotely. Th...

Ubiquiti EdgeRouter 命令注入漏洞

The Ubiquiti EdgeRouter is a router from Ubiquiti USA. A command injection vulnerability exists in Ubiquiti EdgeRouter X version 2.0.9-hotfix.6 and prior versions, which stems from an incorrect operation of the parameter ecn-up that can lead to command injection...

PT-2023-19174 · Ubiquiti · Ubiquiti Edgerouter X

Name of the Vulnerable Software and Affected Versions: Ubiquiti EdgeRouter X versions up to 2.0.9-hotfix.6 Description: A critical issue affects the Web Management Interface component, where the manipulation of the src argument leads to command injection. This can be initiated remotely...

CVE-2023-1457

A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X 2.0.9-hotfix.6. Affected is an unknown function of the component Static Routing Configuration Handler. The manipulation of the argument next-hop-interface leads to command injection. It is possible to launch the...

CVE-2023-1456

A vulnerability, which was classified as critical, has been found in Ubiquiti EdgeRouter X 2.0.9-hotfix.6. This issue affects some unknown processing of the component NAT Configuration Handler. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been...

CVE-2023-1456

A vulnerability, which was classified as critical, has been found in Ubiquiti EdgeRouter X 2.0.9-hotfix.6. This issue affects some unknown processing of the component NAT Configuration Handler. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been...

CVE-2023-1457

A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X 2.0.9-hotfix.6. Affected is an unknown function of the component Static Routing Configuration Handler. The manipulation of the argument next-hop-interface leads to command injection. It is possible to launch the...

PT-2023-7475 · Ubiquiti · Ubiquiti Edgerouter X

Name of the Vulnerable Software and Affected Versions: Ubiquiti EdgeRouter X version 2.0.9-hotfix.6 Description: The issue exists due to insufficient input validation in the Static Routing Configuration Handler component of the Ubiquiti EdgeRouter microprogram. Exploitation of this issue may allo...

Ubiquiti EdgeRouter 命令注入漏洞

The Ubiquiti EdgeRouter is a router from Ubiquiti USA. A security vulnerability exists in Ubiquiti EdgeRouter X version 2.0.9-hotfix.6, which stems from an incorrect operation of the parameter next-hop-interface that can lead to command injection...

CVE-2023-23912

A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways USG Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected devic...

CVE-2022-20717

A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service DoS condition. This vulnerability is due to insufficient memory management when an affected device...

CVE-2021-22909

A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle MitM attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later...

Cisco SD-WAN products 缓冲区错误漏洞

Cisco SD-WAN vEdge is a router from Cisco. The device provides basic WAN, security, and multi-cloud capabilities for Cisco SD-WAN solutions. A denial of service vulnerability exists in the VPN tunneling functionality of the Cisco SD-WAN vEdge Router, which arises from a program that does not...