Search
Search Results (7 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-2373 | 2 Ubiquiti, Ui | 4 Edgerouter X, Edgemax Edgerouter Firmware, Er-x and 1 more | 2026-07-09 | 7.2 High |
| A vulnerability was identified in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This vulnerability affects unknown code of the component Web Management Interface. Such manipulation of the argument ecn-up leads to command injection. The attack may be performed from remote. The exploit is publicly available and might be used. The actual existence of this vulnerability is currently in question. The vendor position is that post-authentication issues are not accepted as vulnerabilities. | ||||
| CVE-2022-43553 | 1 Ui | 2 Edgemax Edgerouter, Edgemax Edgerouter Firmware | 2025-04-24 | 8.8 High |
| A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later. | ||||
| CVE-2023-31998 | 1 Ui | 4 Aircube, Aircube Firmware, Edgemax Edgerouter and 1 more | 2024-11-21 | 7.5 High |
| A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices. | ||||
| CVE-2021-22909 | 1 Ui | 2 Edgemax Edgerouter, Edgemax Edgerouter Firmware | 2024-11-21 | 7.5 High |
| A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later. | ||||
| CVE-2020-8282 | 1 Ui | 4 Edgemax Edgepower 24v, Edgemax Edgepower 24v Firmware, Edgemax Edgepower 54v and 1 more | 2024-11-21 | 8.8 High |
| A security issue was found in EdgePower 24V/54V firmware v1.7.0 and earlier where, due to missing CSRF protections, an attacker would have been able to perform unauthorized remote code execution. | ||||
| CVE-2020-8234 | 1 Ui | 12 Edgemax Firmware, Ep-s16, Es-12f and 9 more | 2024-11-21 | 9.8 Critical |
| A vulnerability exists in The EdgeMax EdgeSwitch firmware <v1.9.1 where the EdgeSwitch legacy web interface SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection. | ||||
| CVE-2017-0938 | 1 Ui | 4 Airmax Ac, Airos, Edgemax and 1 more | 2024-11-21 | 7.5 High |
| Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and EdgeMAX < 1.9.7 allow attackers to use the Discovery Protocol in amplification attacks. | ||||
Page 1 of 1.