CVE-2019-5425
N/A
N/A
Summary
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate privileges to root.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Ubiquiti Networks | EdgeMAX | EdgeSwitch X prior to v1.1.1 | affected |
Weaknesses
- Privilege Escalation (CAPEC-233)
ADP Enrichment
CVE Program Container
Additional References
- https://hackerone.com/reports/511025
- https://community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeSwitch-X-software-release-v1-1-1/ba-p/2731137
References
- https://hackerone.com/reports/511025
- https://community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeSwitch-X-software-release-v1-1-1/ba-p/2731137
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.