Skip to main content

Edgeswitch X

3 CVEs product

Monthly

CVE-2019-5426 MEDIUM PATCH This Month

In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwarding" (SOCKS proxy) functionalities. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Ubiquiti Edgeswitch X
NVD
CVSS 3.1
4.8
EPSS
0.8%
CVE-2019-5425 HIGH PATCH This Week

In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Ubiquiti Command Injection Edgeswitch X
NVD
CVSS 3.0
8.8
EPSS
1.9%
CVE-2019-5424 HIGH PATCH This Week

In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Ubiquiti Command Injection Edgeswitch X
NVD
CVSS 3.1
8.8
EPSS
1.9%
EPSS 1% CVSS 4.8
MEDIUM PATCH This Month

In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwarding" (SOCKS proxy) functionalities. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Ubiquiti Edgeswitch X
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Ubiquiti Command Injection Edgeswitch X
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Ubiquiti Command Injection Edgeswitch X
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy