PT-2019-17657 · Ubiquiti Networks · Edgeswitch X

Publicado

2019-04-10

Atualizado

2020-10-16

CVE-2019-5424

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Ubiquiti Networks EdgeSwitch X versions 1.1.0 and prior

Description A privileged user can execute arbitrary shell commands over the SSH CLI interface, allowing the execution of shell commands under the root user.

Recommendations For versions 1.1.0 and prior, restrict access to the SSH CLI interface to minimize the risk of exploitation. As a temporary workaround, consider limiting the privileges of users who have access to the SSH CLI interface until a patch is available.

Correção

OS Command Injection

Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78CWE-77

Identificadores relacionados

CVE-2019-5424

Produtos afetados

Edgeswitch X

PT-2019-17657 · Ubiquiti Networks · Edgeswitch X

CVE-2019-5424

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4