CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

104 matches found

RedhatCVE•added 2025/05/22 7:16 p.m.•5 views

CVE-2021-22909

A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle MitM attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later...

7.6CVSS7AI score0.00612EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:54 a.m.•5 views

CVE-2018-5265

Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters...

7.2CVSS8AI score0.02743EPSS

Exploits1References1

The Hacker News•added 2024/02/28 5:47 a.m.•103 views

Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat

In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation codenamed Dying Ember. The...

9.8CVSS9.7AI score0.93399EPSS

Exploits18

BDU FSTEC•added 2023/12/08 12:0 a.m.•1 views

The vulnerability of the NAT Configuration Handler component in the Ubiquiti EdgeRouter software allows a hacker to execute arbitrary commands.

The vulnerability of the NAT Configuration Handler component in Ubiquiti EdgeRouter software exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS7.6AI score0.01865EPSS

Exploits0References4

BDU FSTEC•added 2023/11/15 12:0 a.m.•1 views

The vulnerability of the microprogramming software used in EdgeRouter routers and UniF Security Gateways allows a perpetrator to execute arbitrary code.

The vulnerability of Microprogrammed Software in EdgeRouter routers and UniF Security Gateways is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS7.7AI score0.01322EPSS

Exploits1References8Affected Software2

Positive Technologies•added 2023/05/01 12:0 a.m.•3 views

PT-2023-3998 · Ubiquiti · Edgerouter X +1

Name of the Vulnerable Software and Affected Versions: Ubiquiti EdgeRouter versions prior to 2.0.9-hotfix.7 Ubiquiti AirCube versions prior to 2.8.9 Description: A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices. The...

7.5CVSS7.9AI score0.00425EPSS

Exploits0References14

OSV•added 2023/04/28 5:15 p.m.•1 views

CVE-2023-2379

A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Service. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

7.5CVSS5.2AI score0.00468EPSS

Exploits1References3

NVD•added 2023/04/28 5:15 p.m.•10 views

CVE-2023-2379

7.8CVSS7.6AI score0.00468EPSS

Exploits1References3

Prion•added 2023/04/28 5:15 p.m.•18 views

Design/Logic Flaw

7.8CVSS7.5AI score0.00468EPSS

Exploits1References3Affected Software2

Cvelist•added 2023/04/28 4:31 p.m.•13 views

CVE-2023-2379 Ubiquiti EdgeRouter X Web Service denial of service

7.8CVSS7.8AI score0.00468EPSS

Exploits1References3

CVE•added 2023/04/28 4:31 p.m.•69 views

CVE-2023-2379

CVE-2023-2379 affects Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The Web Service component is vulnerable to remote denial of service; manipulation leads to DoS. The exploit has been disclosed publicly and may be used. Remediation: upgrade to a version later than 2.0.9-hotfix.6 as advised by PT-2...

7.8CVSS7.6AI score0.00468EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2023/04/28 4:31 p.m.•7 views

CVE-2023-2379 Ubiquiti EdgeRouter X Web Service denial of service

7.8CVSS7.6AI score0.00468EPSS

Exploits1References3

NVD•added 2023/04/28 4:15 p.m.•8 views

CVE-2023-2377

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Web Management Interface. The manipulation of the argument name leads to command injection. The attack can be...

8.8CVSS7.4AI score0.13734EPSS

Exploits1References3

OSV•added 2023/04/28 4:15 p.m.•3 views

CVE-2023-2378

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been rated as critical. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation of the argument suffix-rate-up leads to command injection. The attack may be...

8.8CVSS6.4AI score0.13734EPSS

Exploits1References3

NVD•added 2023/04/28 4:15 p.m.•11 views

CVE-2023-2378

8.8CVSS7.3AI score0.13734EPSS

Exploits1References3

OSV•added 2023/04/28 4:15 p.m.•1 views

CVE-2023-2377

8.8CVSS5.5AI score0.13734EPSS

Exploits1References3

NVD•added 2023/04/28 4:15 p.m.•10 views

CVE-2023-2376

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been classified as critical. Affected is an unknown function of the component Web Management Interface. The manipulation of the argument dpi leads to command injection. It is possible to launch the attack remotely. Th...

8.8CVSS7.5AI score0.13734EPSS

Exploits1References3

Prion•added 2023/04/28 4:15 p.m.•23 views

Command injection

6.5CVSS9AI score0.13734EPSS

Exploits1References3Affected Software2

Prion•added 2023/04/28 4:15 p.m.•18 views

Command injection

6.5CVSS9.1AI score0.13734EPSS

Exploits1References3Affected Software2

Prion•added 2023/04/28 4:15 p.m.•19 views

Command injection