Search
Find a vulnerability
Search criteria
16 vulnerabilities found for er-x_firmware by ui
CVE-2023-2379 (GCVE-0-2023-2379)
Vulnerability from nvd – Published: 2023-04-28 16:31 – Updated: 2025-01-30 19:26
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Service denial of service
Summary
A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Service. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227655.
Severity
7.5 (High)
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-404 - Denial of Service
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.227655 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.227655 | signaturepermissions-required |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227655"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227655"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/DoS"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:26:03.623156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:26:09.486Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Web Service"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Service. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227655."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Ubiquiti EdgeRouter X bis 2.0.9-hotfix.6 entdeckt. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Komponente Web Service. Durch Beeinflussen mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T07:19:43.737Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.227655"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.227655"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/DoS"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-05-21T16:14:21.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Service denial of service"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2379",
"datePublished": "2023-04-28T16:31:03.591Z",
"dateReserved": "2023-04-28T11:30:10.404Z",
"dateUpdated": "2025-01-30T19:26:09.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2378 (GCVE-0-2023-2378)
Vulnerability from nvd – Published: 2023-04-28 16:00 – Updated: 2026-07-09 13:53 Disputed
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Management command injection
Summary
A flaw has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown function of the component Web Management Interface. This manipulation of the argument suffix-rate-up causes command injection. The attack may be initiated remotely. The exploit has been published and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
Severity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/227654 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/227654/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2023-2378 | third-party-advisory |
| https://vuldb.com/submit/114072 | third-party-advisory |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
| https://vuldb.com/?id.227654 | vdb-entrytechnical-descriptionx_transferred |
| https://vuldb.com/?ctiid.227654 | signaturepermissions-requiredx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227654"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227654"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"
],
"modules": [
"Web Management Interface"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown function of the component Web Management Interface. This manipulation of the argument suffix-rate-up causes command injection. The attack may be initiated remotely. The exploit has been published and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor position is that post-authentication issues are not accepted as vulnerabilities."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T13:53:21.447Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-227654 | Ubiquiti EdgeRouter X Web Management command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/227654"
},
{
"name": "VDB-227654 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/227654/cti"
},
{
"name": "CVE-2023-2378 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2023-2378"
},
{
"name": "Submit #114072 | Command injection at the web management interface of EdgeRouter-x(4)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/114072"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/4"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-09T15:56:56.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Management command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2378",
"datePublished": "2023-04-28T16:00:04.575Z",
"dateReserved": "2023-04-28T11:30:06.728Z",
"dateUpdated": "2026-07-09T13:53:21.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2377 (GCVE-0-2023-2377)
Vulnerability from nvd – Published: 2023-04-28 15:31 – Updated: 2026-07-09 13:53 Disputed
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Management command injection
Summary
A vulnerability was detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The impacted element is an unknown function of the component Web Management Interface. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit is now public and may be used. There is ongoing doubt regarding the real existence of this vulnerability. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
Severity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/227653 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/227653/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2023-2377 | third-party-advisory |
| https://vuldb.com/submit/114081 | third-party-advisory |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
| https://vuldb.com/?id.227653 | vdb-entrytechnical-descriptionx_transferred |
| https://vuldb.com/?ctiid.227653 | signaturepermissions-requiredx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227653"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227653"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"
],
"modules": [
"Web Management Interface"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The impacted element is an unknown function of the component Web Management Interface. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit is now public and may be used. There is ongoing doubt regarding the real existence of this vulnerability. The vendor position is that post-authentication issues are not accepted as vulnerabilities."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T13:53:18.708Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-227653 | Ubiquiti EdgeRouter X Web Management command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/227653"
},
{
"name": "VDB-227653 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/227653/cti"
},
{
"name": "CVE-2023-2377 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2023-2377"
},
{
"name": "Submit #114081 | Command injection at the web management interface of EdgeRouter-x(9)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/114081"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/9"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-09T15:56:32.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Management command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2377",
"datePublished": "2023-04-28T15:31:03.377Z",
"dateReserved": "2023-04-28T11:30:03.838Z",
"dateUpdated": "2026-07-09T13:53:18.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2376 (GCVE-0-2023-2376)
Vulnerability from nvd – Published: 2023-04-28 15:00 – Updated: 2026-07-09 13:53 Disputed
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Management command injection
Summary
A security vulnerability has been detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The affected element is an unknown function of the component Web Management Interface. The manipulation of the argument dpi leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. There are still doubts about whether this vulnerability truly exists. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
Severity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/227652 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/227652/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2023-2376 | third-party-advisory |
| https://vuldb.com/submit/114078 | third-party-advisory |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
| https://vuldb.com/?id.227652 | vdb-entrytechnical-descriptionx_transferred |
| https://vuldb.com/?ctiid.227652 | signaturepermissions-requiredx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:15.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227652"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227652"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"
],
"modules": [
"Web Management Interface"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The affected element is an unknown function of the component Web Management Interface. The manipulation of the argument dpi leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. There are still doubts about whether this vulnerability truly exists. The vendor position is that post-authentication issues are not accepted as vulnerabilities."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T13:53:15.750Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-227652 | Ubiquiti EdgeRouter X Web Management command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/227652"
},
{
"name": "VDB-227652 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/227652/cti"
},
{
"name": "CVE-2023-2376 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2023-2376"
},
{
"name": "Submit #114078 | Command injection at the web management interface of EdgeRouter-x(8)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/114078"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/8"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-09T15:55:58.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Management command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2376",
"datePublished": "2023-04-28T15:00:08.881Z",
"dateReserved": "2023-04-28T11:29:59.758Z",
"dateUpdated": "2026-07-09T13:53:15.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2375 (GCVE-0-2023-2375)
Vulnerability from nvd – Published: 2023-04-28 15:00 – Updated: 2026-07-09 13:53 Disputed
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Management command injection
Summary
A weakness has been identified in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. Impacted is an unknown function of the component Web Management Interface. Executing a manipulation of the argument src can lead to command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The presence of this vulnerability remains uncertain at this time. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
Severity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/227651 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/227651/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2023-2375 | third-party-advisory |
| https://vuldb.com/submit/114077 | third-party-advisory |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
| https://vuldb.com/?id.227651 | vdb-entrytechnical-descriptionx_transferred |
| https://vuldb.com/?ctiid.227651 | signaturepermissions-requiredx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:15.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227651"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227651"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"
],
"modules": [
"Web Management Interface"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. Impacted is an unknown function of the component Web Management Interface. Executing a manipulation of the argument src can lead to command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The presence of this vulnerability remains uncertain at this time. The vendor position is that post-authentication issues are not accepted as vulnerabilities."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T13:53:12.606Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-227651 | Ubiquiti EdgeRouter X Web Management command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/227651"
},
{
"name": "VDB-227651 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/227651/cti"
},
{
"name": "CVE-2023-2375 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2023-2375"
},
{
"name": "Submit #114077 | Command injection at the web management interface of EdgeRouter-x(7)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/114077"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/7"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-09T15:54:29.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Management command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2375",
"datePublished": "2023-04-28T15:00:07.068Z",
"dateReserved": "2023-04-28T11:29:56.309Z",
"dateUpdated": "2026-07-09T13:53:12.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2374 (GCVE-0-2023-2374)
Vulnerability from nvd – Published: 2023-04-28 14:31 – Updated: 2026-07-09 13:53 Disputed
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Management command injection
Summary
A security flaw has been discovered in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This issue affects some unknown processing of the component Web Management Interface. Performing a manipulation of the argument ecn-down results in command injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The existence of this vulnerability is still disputed at present. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
Severity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/227650 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/227650/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2023-2374 | third-party-advisory |
| https://vuldb.com/submit/114075 | third-party-advisory |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
| https://vuldb.com/?id.227650 | vdb-entrytechnical-descriptionx_transferred |
| https://vuldb.com/?ctiid.227650 | signaturepermissions-requiredx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227650"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227650"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"
],
"modules": [
"Web Management Interface"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This issue affects some unknown processing of the component Web Management Interface. Performing a manipulation of the argument ecn-down results in command injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The existence of this vulnerability is still disputed at present. The vendor position is that post-authentication issues are not accepted as vulnerabilities."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T13:53:09.733Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-227650 | Ubiquiti EdgeRouter X Web Management command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/227650"
},
{
"name": "VDB-227650 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/227650/cti"
},
{
"name": "CVE-2023-2374 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2023-2374"
},
{
"name": "Submit #114075 | Command injection at the web management interface of EdgeRouter-x(6)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/114075"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/6"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-09T15:54:02.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Management command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2374",
"datePublished": "2023-04-28T14:31:04.038Z",
"dateReserved": "2023-04-28T11:29:52.832Z",
"dateUpdated": "2026-07-09T13:53:09.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-23912 (GCVE-0-2023-23912)
Vulnerability from nvd – Published: 2023-02-09 00:00 – Updated: 2025-03-24 19:02
VLAI
EPSS
VEX
Summary
A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected device to create a remote code execution vulnerability.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Ubiquiti EdgeRouter(s) and USG(s) |
Affected:
EdgeRouter(s) Version 2.0.9-hotfix.6 or later and USG(s) to Version 4.4.57 or later
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.060Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-028-028/696e4e3b-718c-4da4-9a21-965a85633b5f"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-23912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-24T19:01:41.360781Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-24T19:02:10.197Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Ubiquiti EdgeRouter(s) and USG(s)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EdgeRouter(s) Version 2.0.9-hotfix.6 or later and USG(s) to Version 4.4.57 or later"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected device to create a remote code execution vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-75",
"description": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) (CWE-75)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-09T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-028-028/696e4e3b-718c-4da4-9a21-965a85633b5f"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-23912",
"datePublished": "2023-02-09T00:00:00.000Z",
"dateReserved": "2023-01-19T00:00:00.000Z",
"dateUpdated": "2025-03-24T19:02:10.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16889 (GCVE-0-2019-16889)
Vulnerability from nvd – Published: 2019-09-25 19:51 – Updated: 2024-08-05 01:24
VLAI
EPSS
VEX
Summary
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://mjlanders.com/2019/07/28/resource-consump… | x_refsource_MISC |
| https://hackerone.com/reports/406614 | x_refsource_MISC |
| https://community.ui.com/releases/New-EdgeRouter-… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:24:48.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://mjlanders.com/2019/07/28/resource-consumption-dos-on-edgemax-v1-10-6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/406614"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/New-EdgeRouter-firmware-2-0-3-has-been-released-2-0-3/e8badd28-a112-4269-9fb6-ffe3fc0e1643"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T19:51:38.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://mjlanders.com/2019/07/28/resource-consumption-dos-on-edgemax-v1-10-6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/406614"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/New-EdgeRouter-firmware-2-0-3-has-been-released-2-0-3/e8badd28-a112-4269-9fb6-ffe3fc0e1643"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://mjlanders.com/2019/07/28/resource-consumption-dos-on-edgemax-v1-10-6/",
"refsource": "MISC",
"url": "https://mjlanders.com/2019/07/28/resource-consumption-dos-on-edgemax-v1-10-6/"
},
{
"name": "https://hackerone.com/reports/406614",
"refsource": "MISC",
"url": "https://hackerone.com/reports/406614"
},
{
"name": "https://community.ui.com/releases/New-EdgeRouter-firmware-2-0-3-has-been-released-2-0-3/e8badd28-a112-4269-9fb6-ffe3fc0e1643",
"refsource": "MISC",
"url": "https://community.ui.com/releases/New-EdgeRouter-firmware-2-0-3-has-been-released-2-0-3/e8badd28-a112-4269-9fb6-ffe3fc0e1643"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-16889",
"datePublished": "2019-09-25T19:51:38.000Z",
"dateReserved": "2019-09-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:24:48.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2379 (GCVE-0-2023-2379)
Vulnerability from cvelistv5 – Published: 2023-04-28 16:31 – Updated: 2025-01-30 19:26
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Service denial of service
Summary
A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Service. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227655.
Severity
7.5 (High)
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-404 - Denial of Service
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.227655 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.227655 | signaturepermissions-required |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227655"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227655"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/DoS"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:26:03.623156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:26:09.486Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Web Service"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Service. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227655."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Ubiquiti EdgeRouter X bis 2.0.9-hotfix.6 entdeckt. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Komponente Web Service. Durch Beeinflussen mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T07:19:43.737Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.227655"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.227655"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/DoS"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-05-21T16:14:21.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Service denial of service"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2379",
"datePublished": "2023-04-28T16:31:03.591Z",
"dateReserved": "2023-04-28T11:30:10.404Z",
"dateUpdated": "2025-01-30T19:26:09.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2378 (GCVE-0-2023-2378)
Vulnerability from cvelistv5 – Published: 2023-04-28 16:00 – Updated: 2026-07-09 13:53 Disputed
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Management command injection
Summary
A flaw has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown function of the component Web Management Interface. This manipulation of the argument suffix-rate-up causes command injection. The attack may be initiated remotely. The exploit has been published and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
Severity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/227654 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/227654/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2023-2378 | third-party-advisory |
| https://vuldb.com/submit/114072 | third-party-advisory |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
| https://vuldb.com/?id.227654 | vdb-entrytechnical-descriptionx_transferred |
| https://vuldb.com/?ctiid.227654 | signaturepermissions-requiredx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227654"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227654"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"
],
"modules": [
"Web Management Interface"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown function of the component Web Management Interface. This manipulation of the argument suffix-rate-up causes command injection. The attack may be initiated remotely. The exploit has been published and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor position is that post-authentication issues are not accepted as vulnerabilities."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T13:53:21.447Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-227654 | Ubiquiti EdgeRouter X Web Management command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/227654"
},
{
"name": "VDB-227654 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/227654/cti"
},
{
"name": "CVE-2023-2378 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2023-2378"
},
{
"name": "Submit #114072 | Command injection at the web management interface of EdgeRouter-x(4)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/114072"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/4"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-09T15:56:56.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Management command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2378",
"datePublished": "2023-04-28T16:00:04.575Z",
"dateReserved": "2023-04-28T11:30:06.728Z",
"dateUpdated": "2026-07-09T13:53:21.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2377 (GCVE-0-2023-2377)
Vulnerability from cvelistv5 – Published: 2023-04-28 15:31 – Updated: 2026-07-09 13:53 Disputed
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Management command injection
Summary
A vulnerability was detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The impacted element is an unknown function of the component Web Management Interface. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit is now public and may be used. There is ongoing doubt regarding the real existence of this vulnerability. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
Severity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/227653 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/227653/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2023-2377 | third-party-advisory |
| https://vuldb.com/submit/114081 | third-party-advisory |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
| https://vuldb.com/?id.227653 | vdb-entrytechnical-descriptionx_transferred |
| https://vuldb.com/?ctiid.227653 | signaturepermissions-requiredx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227653"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227653"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"
],
"modules": [
"Web Management Interface"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The impacted element is an unknown function of the component Web Management Interface. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit is now public and may be used. There is ongoing doubt regarding the real existence of this vulnerability. The vendor position is that post-authentication issues are not accepted as vulnerabilities."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T13:53:18.708Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-227653 | Ubiquiti EdgeRouter X Web Management command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/227653"
},
{
"name": "VDB-227653 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/227653/cti"
},
{
"name": "CVE-2023-2377 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2023-2377"
},
{
"name": "Submit #114081 | Command injection at the web management interface of EdgeRouter-x(9)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/114081"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/9"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-09T15:56:32.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Management command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2377",
"datePublished": "2023-04-28T15:31:03.377Z",
"dateReserved": "2023-04-28T11:30:03.838Z",
"dateUpdated": "2026-07-09T13:53:18.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2376 (GCVE-0-2023-2376)
Vulnerability from cvelistv5 – Published: 2023-04-28 15:00 – Updated: 2026-07-09 13:53 Disputed
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Management command injection
Summary
A security vulnerability has been detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The affected element is an unknown function of the component Web Management Interface. The manipulation of the argument dpi leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. There are still doubts about whether this vulnerability truly exists. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
Severity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/227652 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/227652/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2023-2376 | third-party-advisory |
| https://vuldb.com/submit/114078 | third-party-advisory |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
| https://vuldb.com/?id.227652 | vdb-entrytechnical-descriptionx_transferred |
| https://vuldb.com/?ctiid.227652 | signaturepermissions-requiredx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:15.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227652"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227652"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"
],
"modules": [
"Web Management Interface"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The affected element is an unknown function of the component Web Management Interface. The manipulation of the argument dpi leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. There are still doubts about whether this vulnerability truly exists. The vendor position is that post-authentication issues are not accepted as vulnerabilities."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T13:53:15.750Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-227652 | Ubiquiti EdgeRouter X Web Management command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/227652"
},
{
"name": "VDB-227652 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/227652/cti"
},
{
"name": "CVE-2023-2376 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2023-2376"
},
{
"name": "Submit #114078 | Command injection at the web management interface of EdgeRouter-x(8)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/114078"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/8"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-09T15:55:58.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Management command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2376",
"datePublished": "2023-04-28T15:00:08.881Z",
"dateReserved": "2023-04-28T11:29:59.758Z",
"dateUpdated": "2026-07-09T13:53:15.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2375 (GCVE-0-2023-2375)
Vulnerability from cvelistv5 – Published: 2023-04-28 15:00 – Updated: 2026-07-09 13:53 Disputed
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Management command injection
Summary
A weakness has been identified in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. Impacted is an unknown function of the component Web Management Interface. Executing a manipulation of the argument src can lead to command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The presence of this vulnerability remains uncertain at this time. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
Severity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/227651 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/227651/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2023-2375 | third-party-advisory |
| https://vuldb.com/submit/114077 | third-party-advisory |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
| https://vuldb.com/?id.227651 | vdb-entrytechnical-descriptionx_transferred |
| https://vuldb.com/?ctiid.227651 | signaturepermissions-requiredx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:15.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227651"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227651"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"
],
"modules": [
"Web Management Interface"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. Impacted is an unknown function of the component Web Management Interface. Executing a manipulation of the argument src can lead to command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The presence of this vulnerability remains uncertain at this time. The vendor position is that post-authentication issues are not accepted as vulnerabilities."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T13:53:12.606Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-227651 | Ubiquiti EdgeRouter X Web Management command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/227651"
},
{
"name": "VDB-227651 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/227651/cti"
},
{
"name": "CVE-2023-2375 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2023-2375"
},
{
"name": "Submit #114077 | Command injection at the web management interface of EdgeRouter-x(7)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/114077"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/7"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-09T15:54:29.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Management command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2375",
"datePublished": "2023-04-28T15:00:07.068Z",
"dateReserved": "2023-04-28T11:29:56.309Z",
"dateUpdated": "2026-07-09T13:53:12.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2374 (GCVE-0-2023-2374)
Vulnerability from cvelistv5 – Published: 2023-04-28 14:31 – Updated: 2026-07-09 13:53 Disputed
VLAI
EPSS
VEX
Title
Ubiquiti EdgeRouter X Web Management command injection
Summary
A security flaw has been discovered in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This issue affects some unknown processing of the component Web Management Interface. Performing a manipulation of the argument ecn-down results in command injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The existence of this vulnerability is still disputed at present. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
Severity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/227650 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/227650/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2023-2374 | third-party-advisory |
| https://vuldb.com/submit/114075 | third-party-advisory |
| https://github.com/leetsun/IoT/tree/main/EdgeRout… | broken-linkexploit |
| https://vuldb.com/?id.227650 | vdb-entrytechnical-descriptionx_transferred |
| https://vuldb.com/?ctiid.227650 | signaturepermissions-requiredx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti | EdgeRouter X |
Affected:
2.0.9-hotfix.0
Affected: 2.0.9-hotfix.1 Affected: 2.0.9-hotfix.2 Affected: 2.0.9-hotfix.3 Affected: 2.0.9-hotfix.4 Affected: 2.0.9-hotfix.5 Affected: 2.0.9-hotfix.6 cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.227650"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.227650"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"
],
"modules": [
"Web Management Interface"
],
"product": "EdgeRouter X",
"vendor": "Ubiquiti",
"versions": [
{
"status": "affected",
"version": "2.0.9-hotfix.0"
},
{
"status": "affected",
"version": "2.0.9-hotfix.1"
},
{
"status": "affected",
"version": "2.0.9-hotfix.2"
},
{
"status": "affected",
"version": "2.0.9-hotfix.3"
},
{
"status": "affected",
"version": "2.0.9-hotfix.4"
},
{
"status": "affected",
"version": "2.0.9-hotfix.5"
},
{
"status": "affected",
"version": "2.0.9-hotfix.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leetmoon (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This issue affects some unknown processing of the component Web Management Interface. Performing a manipulation of the argument ecn-down results in command injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The existence of this vulnerability is still disputed at present. The vendor position is that post-authentication issues are not accepted as vulnerabilities."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T13:53:09.733Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-227650 | Ubiquiti EdgeRouter X Web Management command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/227650"
},
{
"name": "VDB-227650 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/227650/cti"
},
{
"name": "CVE-2023-2374 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2023-2374"
},
{
"name": "Submit #114075 | Command injection at the web management interface of EdgeRouter-x(6)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/114075"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/6"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-28T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-09T15:54:02.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ubiquiti EdgeRouter X Web Management command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2374",
"datePublished": "2023-04-28T14:31:04.038Z",
"dateReserved": "2023-04-28T11:29:52.832Z",
"dateUpdated": "2026-07-09T13:53:09.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-23912 (GCVE-0-2023-23912)
Vulnerability from cvelistv5 – Published: 2023-02-09 00:00 – Updated: 2025-03-24 19:02
VLAI
EPSS
VEX
Summary
A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected device to create a remote code execution vulnerability.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Ubiquiti EdgeRouter(s) and USG(s) |
Affected:
EdgeRouter(s) Version 2.0.9-hotfix.6 or later and USG(s) to Version 4.4.57 or later
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.060Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-028-028/696e4e3b-718c-4da4-9a21-965a85633b5f"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-23912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-24T19:01:41.360781Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-24T19:02:10.197Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Ubiquiti EdgeRouter(s) and USG(s)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EdgeRouter(s) Version 2.0.9-hotfix.6 or later and USG(s) to Version 4.4.57 or later"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected device to create a remote code execution vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-75",
"description": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) (CWE-75)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-09T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-028-028/696e4e3b-718c-4da4-9a21-965a85633b5f"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-23912",
"datePublished": "2023-02-09T00:00:00.000Z",
"dateReserved": "2023-01-19T00:00:00.000Z",
"dateUpdated": "2025-03-24T19:02:10.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16889 (GCVE-0-2019-16889)
Vulnerability from cvelistv5 – Published: 2019-09-25 19:51 – Updated: 2024-08-05 01:24
VLAI
EPSS
VEX
Summary
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://mjlanders.com/2019/07/28/resource-consump… | x_refsource_MISC |
| https://hackerone.com/reports/406614 | x_refsource_MISC |
| https://community.ui.com/releases/New-EdgeRouter-… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:24:48.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://mjlanders.com/2019/07/28/resource-consumption-dos-on-edgemax-v1-10-6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/406614"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/New-EdgeRouter-firmware-2-0-3-has-been-released-2-0-3/e8badd28-a112-4269-9fb6-ffe3fc0e1643"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T19:51:38.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://mjlanders.com/2019/07/28/resource-consumption-dos-on-edgemax-v1-10-6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/406614"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/New-EdgeRouter-firmware-2-0-3-has-been-released-2-0-3/e8badd28-a112-4269-9fb6-ffe3fc0e1643"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://mjlanders.com/2019/07/28/resource-consumption-dos-on-edgemax-v1-10-6/",
"refsource": "MISC",
"url": "https://mjlanders.com/2019/07/28/resource-consumption-dos-on-edgemax-v1-10-6/"
},
{
"name": "https://hackerone.com/reports/406614",
"refsource": "MISC",
"url": "https://hackerone.com/reports/406614"
},
{
"name": "https://community.ui.com/releases/New-EdgeRouter-firmware-2-0-3-has-been-released-2-0-3/e8badd28-a112-4269-9fb6-ffe3fc0e1643",
"refsource": "MISC",
"url": "https://community.ui.com/releases/New-EdgeRouter-firmware-2-0-3-has-been-released-2-0-3/e8badd28-a112-4269-9fb6-ffe3fc0e1643"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-16889",
"datePublished": "2019-09-25T19:51:38.000Z",
"dateReserved": "2019-09-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:24:48.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}