CVE-2018-5265

Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters...

SecuriTeam Secure Disclosure

Hi all, In the past 10 years Beyond Security runs a vulnerability disclosure program called SecurTeam Secure Disclosure SSD. We are looking to acquire high end vulnerabilities in various stages of research, PoC and similar. We also runs Hack2Win online competition. Hack2Win online is a hacking...

Ubiquiti Networks EdgeRouter XSS Vulnerability

Ubiquiti Networks EdgeRouter are prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

SSH Brute Force Logins With Default Credentials Reporting

It was possible to login into the remote SSH server using default credentials. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...