Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.8 views

PT-2026-28262

Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...

9CVSS5.8AI score0.0008EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2020-20381

Malware in sbrugna...

7.5CVSS7.5AI score0.01003EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 2:48 a.m.5 views

CVE-2010-5330

On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi aka Show AP info because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSyn...

9.8CVSS7.2AI score0.34401EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2019/06/13 12:0 a.m.4 views

VulnCheck KEV: CVE-2010-5330

Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi...

9.8CVSS7.3AI score0.34401EPSS
Exploits0References1
NVD
NVD
added 2019/06/11 9:29 p.m.22 views

CVE-2010-5330

On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi aka Show AP info because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSyn...

9.8CVSS9.5AI score0.34401EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2019/06/11 8:46 p.m.7 views

CVE-2010-5330

On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi aka Show AP info because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSyn...

7.1AI score0.34401EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2019/06/11 12:0 a.m.29 views

CVE-2010-5330

On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi aka Show AP info because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSyn...

9.8CVSS5.2AI score0.34401EPSS
In wildExploits0References3
CNVD
CNVD
added 2018/06/21 12:0 a.m.4 views

Ubiquiti Networks EdgeSwitch Code Execution Vulnerability

The Ubiquiti EdgeSwitch is a Gigabit network switch device from Ubiquiti Networks, Inc. A security vulnerability exists in Ubiquiti EdgeSwitch 1.7.3 and earlier versions, which stems from the program's lack of protection for the admin CLI. The vulnerability can be exploited by an attacker to...

9CVSS7.2AI score0.0167EPSS
Exploits0References1
Rows per page
Query Builder