Podatność CVE-2015-9266

Podatność CVE-2015-9266

Publikacja: 2018-09-05

Opis:

Typ:

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
10/10	10/10	10/10

Affected software
UBNT -> Airmax ac firmware

https://community.ubnt.com/t5/airMAX-General-Discussion/Virus-attack-URGENT-UBNT/td-p/1562940

https://community.ubnt.com/t5/airMAX-Updates-Blog/Important-Security-Notice-and-airOS-5-6-5-Release/ba-p/1565949

https://community.ubnt.com/t5/airMAX-Updates-Blog/Security-Release-for-airMAX-TOUGHSwitch-and-airGateway-Released/ba-p/1300494

https://hackerone.com/reports/73480

https://www.exploit-db.com/exploits/39701/

https://www.exploit-db.com/exploits/39853/

https://www.rapid7.com/db/modules/exploit/linux/ssh/ubiquiti_airos_file_upload