PT-2021-15266 · Ubiquiti · Edgemax Edgerouter
Published
2021-05-20
·
Updated
2025-07-20
·
CVE-2021-22909
CVSS v2.0
7.6
High
| Vector | AV:N/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
EdgeMAX EdgeRouter versions prior to V2.0.9-hotfix.1
Description
A vulnerability found in EdgeMAX EdgeRouter could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update.
Recommendations
For EdgeMAX EdgeRouter versions prior to V2.0.9-hotfix.1, update to EdgeMAX EdgeRouter V2.0.9-hotfix.1 or later to resolve the issue.
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Edgemax Edgerouter