RSS   Vulnerabilities for 'Edgeswitch firmware'   RSS

2018-06-20
 
CVE-2018-12591

CWE-78
 

 
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized element in an OS command due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary shell instructions.

 
 
CVE-2018-12590

CWE-134
 

 
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary code.

 

 >>> Vendor: UBNT 10 Products
Aircam
Aircam dome
Aircam mini
Airvision firmware
Unifi
Unifi video
Unifi controller
Edgeos
Edgeswitch firmware
Airmax ac firmware


Copyright 2024, cxsecurity.com

 

Back to Top