CVE-2010-5330

On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi aka Show AP info because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSyn...

CVE-2010-5330

On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi aka Show AP info because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSyn...

Ubiquity Nanostation5 (Air OS) 0day Remote Command Execution

Exploit for hardware platform in category web applications ============================================================ Ubiquity Nanostation5 Air OS 0day Remote Command Execution ============================================================ Exploit Title: Ubiquity Nanostation5 Air OS 0day Remote...

Ubiquity Nanostation5 (Air OS) - Remote Command Execution

Ubiquity Nanostation5 Air OS - Remote Command Execution Exploit Title: Ubiquity Nanostation5 Air OS 0day Remote Command Execution Date: 01 07 2010 Author: Emanuele 'emgent' Gentili Software Link: N/A Version: AirOS all firmwares CVE : N/A + Vulnerability Descrition With not privileged account, li...