RSS   Vulnerabilities for 'Edgeswitch'   RSS

2020-02-07
 
CVE-2020-8126

CWE-269
 

 
A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user (Privilege-1) to escalate privileges and became administrator (Privilege-15).

 

 >>> Vendor: UI 18 Products
Edgeswitch x
Unifi video
Aircam firmware
Edgeos
Aircam
Aircam dome
Aircam mini
Airvision firmware
Unifi
Unifi controller
Unifi firmware
UCRM
Edgeswitch
Airvision controller
Mfi controller
Cloud key gen2
Cloud key gen2 plus
Unifi protect


Copyright 2021, cxsecurity.com

 

Back to Top