4 matches found
CVE-2022-43553
EdgeRouters (versions
CVE-2021-22909
EdgeMAX EdgeRouter exposes a vulnerability (CVE-2021-22909) in V2.0.9 and earlier that can enable a man-in-the-middle attack during firmware updates. Red Hat and NVD entries align on the affected product range and the update process risk. The issue is resolved in EdgeRouter V2.0.9-hotfix.1 and la...
CVE-2023-31998
This CVE concerns a heap overflow in Ubiquiti EdgeRouter and AirCube devices, linked to the MiniUPnPd UPnP service. A local-network attacker could interrupt UPnP (and, per PT-2023-3998, potentially execute arbitrary code). Affected versions include EdgeRouter prior to 2.0.9-hotfix.7 and AirCube p...
CVE-2023-2373
CVE-2023-2373 affects Ubiquiti EdgeRouter X Web Management Interface (versions up to 2.0.9-hotfix.6). The vulnerability arises from improper handling of the ecn-up parameter, enabling remote command injection. Exploitation details have been publicly disclosed across multiple sources; no official ...