2 matches found
Ubiquiti Inc.: Web Server Predictable Session ID on EdgeSwitch
In EdgeSwitch legacy web interface the SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection. These vulnerabilities were found on EdgeSwitch 1G switch ESWH and EdgeSwitch 10G switch ESGH firmware v1.9.0. The fix for the...
Ubiquiti Networks EP-R6 / ER-X / ER-X-SFP Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Cross-Site Scripting XSS product: Ubiquiti Networks EP-R6, ER-X, ER-X-SFP vulnerable version: Firmware v1.9.1 fixed version: Firmware v1.9.1.1 CVE number: impact: Medium...