Lucene search
K

97 matches found

OSV
OSV
added 2020/08/17 4:15 p.m.3 views

CVE-2020-8232

An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only users could obtain unauthorized information through SNMP community pages...

6.5CVSS6.6AI score0.01735EPSS
Exploits0References3
Prion
Prion
added 2020/08/17 4:15 p.m.21 views

Information disclosure

An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only users could obtain unauthorized information through SNMP community pages...

4CVSS6.1AI score0.01735EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2020/08/17 4:15 p.m.16 views

Command injection

A command injection vulnerability exists in EdgeSwitch firmware v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges...

9CVSS9.1AI score0.04419EPSS
Exploits0References4Affected Software3
CVE
CVE
added 2020/08/17 3:41 p.m.143 views

CVE-2020-8233

CVE-2020-8233 is a command-injection vulnerability in Ubiquiti EdgeSwitch firmware prior to v1.9.0. An authenticated read-only user could execute arbitrary shell commands via the HTTP interface, enabling privilege escalation. The vulnerability affects EdgeSwitch firmware

9CVSS9.1AI score0.04419EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/08/17 3:41 p.m.33 views

CVE-2020-8233

A command injection vulnerability exists in EdgeSwitch firmware v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges...

9.2AI score0.04419EPSS
Exploits0References4
EUVD
EUVD
added 2020/08/17 3:41 p.m.6 views

EUVD-2020-29105

A command injection vulnerability exists in EdgeSwitch firmware v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges...

9CVSS9.1AI score0.04419EPSS
Exploits0References5
CVE
CVE
added 2020/08/17 3:40 p.m.52 views

CVE-2020-8232

CVE-2020-8232 affects Ubiquiti EdgeMax EdgeSwitch firmware v1.9.0 (EdgeSwitch ESWH/ESGH). An information disclosure vulnerability allows read-only SNMP users to obtain unauthorized information via SNMP community pages. Exploitation details are not described in the primary documents, but multiple ...

6.5CVSS6.1AI score0.01735EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/08/17 3:40 p.m.28 views

CVE-2020-8232

An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only users could obtain unauthorized information through SNMP community pages...

6.2AI score0.01735EPSS
Exploits0References3
Hacker One
Hacker One
added 2020/02/17 10:54 a.m.35 views

Ubiquiti Inc.: SNMP Community String Disclosure to ReadOnly Users on EdgeSwitch

Read only users could execute unauthorized tasks and through SNMP community string pages. These vulnerabilities were found on EdgeSwitch 1G switch ESWH and EdgeSwitch 10G switch ESGH firmware v1.9.0. The fix for these vulnerabilities were included in the EdgeMax EdgeSwitch firmware v1.9.1 For mor...

4CVSS1.6AI score0.01735EPSS
Exploits0
Hacker One
Hacker One
added 2020/02/14 4:28 a.m.39 views

Ubiquiti Inc.: Readonly to Root Privilege Escalation on EdgeSwitch

An authenticated read-only user can execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges. These vulnerabilities were found on EdgeSwitch 1G switch ESWH and EdgeSwitch 10G switch ESGH firmware v1.9.0. The fix for these vulnerabilities were included in the...

9CVSS1.9AI score0.04419EPSS
Exploits0
OSV
OSV
added 2020/02/07 3:15 p.m.5 views

CVE-2020-8126

A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user Privilege-1 to escalate privileges and became administrator Privilege-15...

7.8CVSS7.1AI score0.00517EPSS
Exploits0References1
NVD
NVD
added 2020/02/07 3:15 p.m.21 views

CVE-2020-8126

A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user Privilege-1 to escalate privileges and became administrator Privilege-15...

7.8CVSS8AI score0.00517EPSS
Exploits0References1
Prion
Prion
added 2020/02/07 3:15 p.m.20 views

Privilege escalation

A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user Privilege-1 to escalate privileges and became administrator Privilege-15...

7.2CVSS8AI score0.00517EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/02/07 2:56 p.m.31 views

CVE-2020-8126

A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user Privilege-1 to escalate privileges and became administrator Privilege-15...

8.1AI score0.00517EPSS
Exploits0References1
CVE
CVE
added 2020/02/07 2:56 p.m.53 views

CVE-2020-8126

The CVE-2020-8126 case affects Ubiquiti EdgeSwitch before version 1.7.1, where a CGI script does not fully sanitize user input, enabling local command execution. An operator-privilege user (Privilege-1) can escalate to administrator (Privilege-15). The issue is triggered via crafted input in the ...

7.8CVSS7.9AI score0.00517EPSS
Exploits0References1Affected Software1
Hacker One
Hacker One
added 2020/01/14 8:23 a.m.51 views

Ubiquiti Inc.: Web Server Predictable Session ID on EdgeSwitch

In EdgeSwitch legacy web interface the SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection. These vulnerabilities were found on EdgeSwitch 1G switch ESWH and EdgeSwitch 10G switch ESGH firmware v1.9.0. The fix for the...

10CVSS1AI score0.0341EPSS
Exploits0
CNVD
CNVD
added 2019/07/11 12:0 a.m.2 views

EdgeMAX EdgeSwitch Command Injection Vulnerability

Ubiquiti Networks EdgeMAX EdgeSwitch is a PoE+ Gigabit switch from Ubiquiti Networks, Inc. A command injection vulnerability exists in Ubiquiti Networks EdgeMAX EdgeSwitch versions prior to 1.8.2. The vulnerability stems from a network system or product not properly filtering specific elements of...

9CVSS7.7AI score0.02662EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/11 12:0 a.m.3 views

EdgeMAX EdgeSwitch Denial of Service Vulnerability

Ubiquiti Networks EdgeMAX EdgeSwitch is a PoE+ Gigabit switch from Ubiquiti Networks, Inc. A security vulnerability exists in Ubiquiti Networks EdgeMAX EdgeSwitch versions prior to 1.8.2. The vulnerability can be exploited by an attacker with specially crafted commands to cause the SSH CLI...

4.9CVSS6.9AI score0.01284EPSS
Exploits0References1
NVD
NVD
added 2019/07/10 8:15 p.m.27 views

CVE-2019-5446

Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as root...

9CVSS7.4AI score0.02662EPSS
Exploits0References1
OSV
OSV
added 2019/07/10 8:15 p.m.4 views

CVE-2019-5445

DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted commands...

4.9CVSS5.8AI score0.01284EPSS
Exploits0References1
Rows per page
Query Builder