Vulnerabilities (CVE)

Filtered by vendor Ui Subscribe
Filtered by product Edgemax Edgerouter Firmware
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31998 1 Ui 4 Aircube, Aircube Firmware, Edgemax Edgerouter and 1 more 2024-11-21 N/A 7.5 HIGH
A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices.
CVE-2023-2373 1 Ui 3 Edgemax Edgerouter Firmware, Er-x, Er-x-sfp 2024-11-21 6.5 MEDIUM 6.3 MEDIUM
A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Management Interface. The manipulation of the argument ecn-up leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227649 was assigned to this vulnerability.
CVE-2022-43553 1 Ui 2 Edgemax Edgerouter, Edgemax Edgerouter Firmware 2024-11-21 N/A 8.8 HIGH
A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later.
CVE-2021-22909 1 Ui 2 Edgemax Edgerouter, Edgemax Edgerouter Firmware 2024-11-21 7.6 HIGH 7.5 HIGH
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later.