2 matches found
CVE-2018-5265
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices is affected by CVE-2018-5265. The root cause is unsanitized shell metacharacters in the alias/ips fields of /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def, enabling remote code execution with admin credentials....
CVE-2017-0935
EdgeOS (Ubiquiti EdgeRouter) versions 1.9.1.1 and earlier are affected by an Improper Privilege Management flaw caused by inadequate file-system protections, enabling an operator (read-only) account to escalate to admin/root. The CVSS metrics indicate high impact with attacker being network-origi...