PT-2023-7474 · Ubiquiti · Ubiquiti Edgerouter X

Leetmoon

Publicado

2023-03-25

Atualizado

2024-08-02

CVE-2023-1458

CVSS v3.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Ubiquiti EdgeRouter X version 2.0.9-hotfix.6

Description A critical issue has been found in the OSPF Handler component of the software, potentially allowing for command injection through the manipulation of the argument area. This can be exploited remotely. The existence of this issue is still uncertain.

Recommendations For version 2.0.9-hotfix.6, consider restricting access to the OSPF Handler component until a fix is available. As a temporary workaround, avoid using the argument area in the OSPF Handler component to minimize the risk of exploitation.

Exploit

Correção

Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-77

Identificadores relacionados

BDU:2023-08518

CVE-2023-1458

Produtos afetados

Ubiquiti Edgerouter X

PT-2023-7474 · Ubiquiti · Ubiquiti Edgerouter X

CVE-2023-1458

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9