38 matches found
EUVD-2018-17047
Malware in sbrugna...
EUVD-2017-1271
Malware in sbrugna...
EUVD-2017-1273
Malware in sbrugna...
EUVD-2017-1272
Malware in sbrugna...
EUVD-2017-1274
Malware in sbrugna...
CVE-2018-5265
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters...
Ubiquiti Networks EdgeOS Improper Certificate Validation Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ubiquiti Networks EdgeOS on EdgeRouter X, EdgeRouter Pro X SFP, EdgeRouter 10X and EdgePoint 6-port routers. User interaction is required to exploit this vulnerability in that an administrator must...
Ubiquiti Networks EdgeRouter 信任管理问题漏洞
Ubiquiti Networks EdgeRouter is a router from Ubiquiti Networks, Inc. A trust management issue vulnerability exists in Ubiquiti Networks EdgeOS on EdgeRouter X that could allow a remote attacker to execute arbitrary code on an affected installation...
CVE-2018-5265
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters...
Code injection
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters...
CVE-2018-5265
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters...
CVE-2018-5265
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices is affected by CVE-2018-5265. The root cause is unsanitized shell metacharacters in the alias/ips fields of /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def, enabling remote code execution with admin credentials....
CVE-2018-5265
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters...
Ubiquiti Networks EdgeOS elevation of privilege vulnerability (CNVD-2018-07433)
Ubiquiti Networks EdgeOS is a suite of operating systems from Ubiquiti Networks that run in Ubiquiti products. A security vulnerability exists in Ubiquiti Networks EdgeOS 1.9.1.1 and prior versions, which arises from the program's failure to validate inputs to security features. An attacker could...
Ubiquiti Networks EdgeOS Elevation of Privilege Vulnerability
Ubiquiti Networks EdgeOS is a suite of operating systems from Ubiquiti Networks that run in Ubiquiti products. A security vulnerability exists in Ubiquiti Networks EdgeOS 1.9.1.1 and prior versions, which stems from the program's lack of file system protection. An attacker could exploit the...
Ubiquiti Networks EdgeOS elevation of privilege vulnerability (CNVD-2018-07431)
Ubiquiti Networks EdgeOS is a suite of operating systems from Ubiquiti Networks that run in Ubiquiti products. A security vulnerability exists in Ubiquiti Networks EdgeOS 1.9.1 and prior versions, which stems from the program's lack of file system protection. An attacker could exploit the...
Ubiquiti Networks EdgeOS Cross-Site Request Forgery Vulnerability
Ubiquiti Networks EdgeOS is a suite of operating systems from Ubiquiti Networks that run in Ubiquiti products. A cross-site request forgery vulnerability exists in Ubiquiti Networks EdgeOS 1.9.1 and earlier versions. A remote attacker could exploit the vulnerability to gain administrator privileg...
CVE-2017-0932
Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of validation on the input of the Feature functionality. An attacker with access to an operator read-only account and ssh connection to the devices could escalate privileg...
CVE-2017-0932
Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of validation on the input of the Feature functionality. An attacker with access to an operator read-only account and ssh connection to the devices could escalate privileg...
Privilege escalation
Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator read-only account could escalate privileges to admi...