Edgeswitch Firmware
CVE-2019-5445
MEDIUM
Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted commands.
AnalysisAI
DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted commands. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Uncontrolled Resource Consumption (CWE-400), which allows attackers to cause denial of service by exhausting system resources. DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted commands. Affected products include: Ui Edgeswitch Firmware. Version information: prior to 1.8.2.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement rate limiting, set resource quotas, validate input sizes, use timeouts.
More in Edgeswitch Firmware
View allA command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to
Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as root. Rated high sever
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized element in an OS command due
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability du
An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only users could
Same weakness CWE-400 – Uncontrolled Resource Consumption
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today