CVE-2020-8170
N/A
N/A
Summary
We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | AirMax AirOS for TI, XW and XM boards | Affected firmware versions are v6.2.0 and prior | affected |
| n/a | AirMax AirOS for TI, XW and XM boards | Fixed firmware version is v6.3.0 | affected |
Weaknesses
- CWE-79: Cross-site Scripting (XSS) - Reflected (CWE-79)
ADP Enrichment
CVE Program Container
Additional References
- https://www.ui.com/download/airmax-m
- https://community.ui.com/releases/Security-advisory-bulletin-010-010/36a8448a-7dbf-4d30-bb54-398c44591dd4
- https://community.ui.com/releases/airMAX-M-v6-3-0/c8d5dec9-4030-4d7e-b23f-6a5b35ed3d83
References
- https://www.ui.com/download/airmax-m
- https://community.ui.com/releases/Security-advisory-bulletin-010-010/36a8448a-7dbf-4d30-bb54-398c44591dd4
- https://community.ui.com/releases/airMAX-M-v6-3-0/c8d5dec9-4030-4d7e-b23f-6a5b35ed3d83
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.