CVE-2023-2376

Name of the Vulnerable Software and Affected Versions Ubiquiti EdgeRouter X versions up to 2.0.9-hotfix.6

Description A critical issue affects the Web Management Interface component. The manipulation of the dpi argument leads to command injection, allowing remote attacks. The issue has been publicly disclosed and may be exploited.

Recommendations For versions up to 2.0.9-hotfix.6, consider disabling the Web Management Interface or restricting access to it until a patch is available. Avoid using the dpi argument in the affected interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.