2 matches found
CVE-2023-2378
The CVE-2023-2378 entry concerns Ubiquiti EdgeRouter X Web Management Interface, affected up to version 2.0.9-hotfix.6. The root cause is improper handling of the suffix-rate-up parameter, enabling remote command injection. Documented impact is high: arbitrary commands could be executed on the de...
CVE-2023-2378 Ubiquiti EdgeRouter X Web Management command injection
A flaw has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown function of the component Web Management Interface. This manipulation of the argument suffix-rate-up causes command injection. The attack may be initiated remotely. The exploit has been published and may ...