CVE-2017-0933

Name of the Vulnerable Software and Affected Versions Ubiquiti Networks EdgeOS versions 1.9.1 and prior

Description The issue allows an attacker with access to an operator account to potentially gain admin privileges by luring an admin user into accessing an attacker-controlled page, exploiting a Cross-Site Request Forgery (CSRF) weakness.

Recommendations For Ubiquiti Networks EdgeOS versions 1.9.1 and prior, update to a version later than 1.9.1 to resolve the issue.