PT-2023-26258 · Ubiquiti · Unifi Switches+1
Publicado
2023-08-10
·
Atualizado
2023-08-17
·
CVE-2023-38034
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
UniFi Access Points versions 6.5.53 and earlier
UniFi Switches versions 6.5.32 and earlier
Description
A command injection vulnerability in the DHCP Client function of UniFi Access Points and Switches could allow a Remote Code Execution (RCE). The Switch Flex Mini is excluded from the list of affected products.
Recommendations
Update UniFi Access Points to Version 6.5.62 or later.
Update UniFi Switches to Version 6.5.59 or later.
Correção
Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Unifi Access Points
Unifi Switches