Описание
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs.
Ссылки
- PatchVendor Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitThird Party Advisory
- PatchVendor Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
EPSS
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
Связанные уязвимости
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs.
EPSS
7.5 High
CVSS3
7.8 High
CVSS2