Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-2373

Опубликовано: 28 апр. 2023
Источник: nvd
CVSS3: 6.3
CVSS3: 8.8
CVSS2: 6.5
EPSS Низкий

Описание

A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Management Interface. The manipulation of the argument ecn-up leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227649 was assigned to this vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:ui:edgemax_edgerouter_firmware:*:*:*:*:*:*:*:*
Версия до 2.0.9 (исключая)
cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:-:*:*:*:*:*:*
cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix1:*:*:*:*:*:*
cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix2:*:*:*:*:*:*
cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix4:*:*:*:*:*:*
cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix5:*:*:*:*:*:*
cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix6:*:*:*:*:*:*

Одно из

cpe:2.3:h:ui:er-x:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:er-x-sfp:-:*:*:*:*:*:*:*

EPSS

Процентиль: 77%
0.01045
Низкий

6.3 Medium

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-77

Связанные уязвимости

github логотип

GHSA-m53m-m826-86fg

CVSS3: 6.3
github
почти 3 года назад

A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Management Interface. The manipulation of the argument ecn-up leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227649 was assigned to this vulnerability.

EPSS

Процентиль: 77%
0.01045
Низкий

6.3 Medium

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-77