6 matches found
EUVD-2018-17047
Malware in sbrugna...
Code injection
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters...
CVE-2018-5265
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters...
CVE-2018-5265
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters...
Ubiquiti Networks EdgeOS Elevation of Privilege Vulnerability
Ubiquiti Networks EdgeOS is a suite of operating systems from Ubiquiti Networks that run in Ubiquiti products. A security vulnerability exists in Ubiquiti Networks EdgeOS 1.9.1.1 and prior versions, which stems from the program's lack of file system protection. An attacker could exploit the...
Ubiquiti Networks EdgeOS elevation of privilege vulnerability (CNVD-2018-07433)
Ubiquiti Networks EdgeOS is a suite of operating systems from Ubiquiti Networks that run in Ubiquiti products. A security vulnerability exists in Ubiquiti Networks EdgeOS 1.9.1.1 and prior versions, which arises from the program's failure to validate inputs to security features. An attacker could...