CVE-2019-5424
N/A
N/A
Summary
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows to execute shell commands under the root user.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Ubiquiti Networks | EdgeMAX | EdgeSwitch X prior to v1.1.1 | affected |
Weaknesses
- CWE-77: Command Injection - Generic (CWE-77)
ADP Enrichment
CVE Program Container
Additional References
- https://hackerone.com/reports/508256
- https://community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeSwitch-X-software-release-v1-1-1/ba-p/2731137
References
- https://hackerone.com/reports/508256
- https://community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeSwitch-X-software-release-v1-1-1/ba-p/2731137
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.