93C08539Wvu

**Name of the Vulnerable Software and Affected Versions** Ubiquiti airMAX versions prior to 7.1.3 Ubiquiti airMAX M versions prior to 5.6.2 Ubiquiti airMAX M versions prior to 5.5.11 Ubiquiti airMAX M versions prior to 5.5.10u2 Ubiquiti airGateway versions prior to 1.1.5 Ubiquiti airFiber AF24/AF24HD versions prior to 2.2.1 Ubiquiti airFiber AF5x versions prior to 3.0.2.1 Ubiquiti airFiber AF5 versions prior to 2.2.1 Ubiquiti airOS 4 XS2/XS5 versions prior to 4.0.4 Ubiquiti EdgeSwitch XP versions prior to 1.3.2 **Description** The web management interface of Ubiquiti devices allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques, potentially leading to root privileges. **Recommendations** For Ubiquiti airMAX, update to version 7.1.3 or later. For Ubiquiti airMAX M, update to version 5.6.2 or later for XM/XW/TI, version 5.5.11 or later for XM/TI, and version 5.5.10u2 or later for XW. For Ubiquiti airGateway, update to version 1.1.5 or later. For Ubiquiti airFiber AF24/AF24HD, update to version 2.2.1 or later. For Ubiquiti airFiber AF5x, update to version 3.0.2.1 or later. For Ubiquiti airFiber AF5, update to version 2.2.1 or later. For Ubiquiti airOS 4 XS2/XS5, update to version 4.0.4 or later. For Ubiquiti EdgeSwitch XP, update to version 1.3.2 or later.