22 matches found
CVE-2023-31998
A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices...
EUVD-2022-46550
Malicious code in bioql PyPI...
EUVD-2023-36287
Malicious code in bioql PyPI...
CVE-2022-43553
A remote code execution vulnerability in EdgeRouters Version 2.0.9-hotfix.4 and earlier allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later...
Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks
This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024...
FBI Alert: Russian Hackers Target Ubiquiti Routers for Data, Botnet Creation
By Deeba Ahmed Russian hackers, part of Russias Main Intelligence Directorate of the General Staff, are using compromised Ubiquiti EdgeRouters to… This is a post from HackRead.com Read the original post: FBI Alert: Russian Hackers Target Ubiquiti Routers for Data, Botnet Creation...
CVE-2023-31998
A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices...
Heap overflow
A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices...
CVE-2023-31998
A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices...
CVE-2023-31998
This CVE concerns a heap overflow in Ubiquiti EdgeRouter and AirCube devices, linked to the MiniUPnPd UPnP service. A local-network attacker could interrupt UPnP (and, per PT-2023-3998, potentially execute arbitrary code). Affected versions include EdgeRouter prior to 2.0.9-hotfix.7 and AirCube p...
CVE-2023-31998
A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices...
Ubiquiti EdgeRouters 缓冲区错误漏洞
Ubiquiti EdgeRouters is a series of edge routers from Ubiquiti USA. A security vulnerability exists in Ubiquiti EdgeRouters and Aircubes that stems from the presence of a heap overflow vulnerability that allows a malicious actor to interrupt UPnP services on the device...
CVE-2023-23912
A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways USG Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected devic...
Remote code execution
A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways USG Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected devic...
CVE-2023-23912
A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways USG Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected devic...
CVE-2023-23912
The CVE-2023-23912 issue affects Ubiquiti EdgeOS devices (EdgeRouters up to 2.0.9-hotfix.5 and USG up to 4.4.56). The root cause is in the dhcp6c daemon, where insufficient validation of a user-supplied string enables a network-adjacent attacker connected to the WAN to achieve remote code executi...
CVE-2023-23912
A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways USG Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected devic...
CVE-2022-43553
A remote code execution vulnerability in EdgeRouters Version 2.0.9-hotfix.4 and earlier allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later...
Remote code execution
A remote code execution vulnerability in EdgeRouters Version 2.0.9-hotfix.4 and earlier allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later...
CVE-2022-43553
A remote code execution vulnerability in EdgeRouters Version 2.0.9-hotfix.4 and earlier allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later...