5 matches found
CVE-2019-5445
CVE-2019-5445 affects Ubiquiti EdgeMAX EdgeSwitch prior to firmware version 1.8.2. The vulnerability allows an administrator to cause a denial-of-service by sending crafted commands that crash the SSH CLI interface. Documents consistently describe this as a DoS affecting the SSH CLI, with the imp...
CVE-2019-5446
CVE-2019-5446 affects EdgeMAX EdgeSwitch prior to version 1.8.2. The vulnerability enables a local-admin (admin) to inject commands that run as root via improper handling of input during command construction. Impact is command execution with root privileges on vulnerable EdgeSwitch devices. Affec...
CVE-2020-8233
CVE-2020-8233 is a command-injection vulnerability in Ubiquiti EdgeSwitch firmware prior to v1.9.0. An authenticated read-only user could execute arbitrary shell commands via the HTTP interface, enabling privilege escalation. The vulnerability affects EdgeSwitch firmware
CVE-2020-8232
CVE-2020-8232 affects Ubiquiti EdgeMax EdgeSwitch firmware v1.9.0 (EdgeSwitch ESWH/ESGH). An information disclosure vulnerability allows read-only SNMP users to obtain unauthorized information via SNMP community pages. Exploitation details are not described in the primary documents, but multiple ...
CVE-2018-12590
Affected product / version: Ubiquiti Networks EdgeSwitch 1.7.3 and earlier. Vulnerability: externally controlled format-string in the admin CLI due to lack of protection, enabling code execution and privilege escalation beyond what admins can do. Impact: attacker with access to an admin account c...