8 matches found
PT-2026-28262
Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...
EUVD-2020-20381
Malware in sbrugna...
CVE-2010-5330
On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi aka Show AP info because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSyn...
VulnCheck KEV: CVE-2010-5330
Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi...
CVE-2010-5330
On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi aka Show AP info because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSyn...
CVE-2010-5330
On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi aka Show AP info because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSyn...
CVE-2010-5330
On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi aka Show AP info because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSyn...
Ubiquiti Networks EdgeSwitch Code Execution Vulnerability
The Ubiquiti EdgeSwitch is a Gigabit network switch device from Ubiquiti Networks, Inc. A security vulnerability exists in Ubiquiti EdgeSwitch 1.7.3 and earlier versions, which stems from the program's lack of protection for the admin CLI. The vulnerability can be exploited by an attacker to...