PT-2020-19999 · Ubiquiti · Airmax Airos

Published

2020-05-26

Updated

2020-05-28

CVE-2020-8171

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions AirMax AirOS versions prior to 6.3.0

Description The issue concerns certain end-points that contain functionalities vulnerable to command injection, allowing for remote code execution by crafting an input string that bypasses filter checks.

Recommendations Update to the latest AirMax AirOS firmware version available at the AirMax download page.

Fix

Command Injection

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77CWE-78

Related Identifiers

CVE-2020-8171

Affected Products

Airmax Airos

PT-2020-19999 · Ubiquiti · Airmax Airos

CVE-2020-8171

Weakness Enumeration

Related Identifiers

Affected Products

References · 5