PT-2023-7474 · Ubiquiti · Ubiquiti Edgerouter X
Leetmoon
·
Published
2023-03-25
·
Updated
2024-08-02
·
CVE-2023-1458
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Ubiquiti EdgeRouter X version 2.0.9-hotfix.6
Description
A critical issue has been found in the OSPF Handler component of the software, potentially allowing for command injection through the manipulation of the argument area. This can be exploited remotely. The existence of this issue is still uncertain.
Recommendations
For version 2.0.9-hotfix.6, consider restricting access to the OSPF Handler component until a fix is available.
As a temporary workaround, avoid using the argument area in the OSPF Handler component to minimize the risk of exploitation.
Exploit
Fix
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ubiquiti Edgerouter X