Vulnerabilities (CVE)

Filtered by vendor Ui Subscribe
Filtered by product Erlite-3
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-16889 1 Ui 24 Ep-r6, Ep-r6 Firmware, Ep-r8 and 21 more 2024-11-21 7.8 HIGH 7.5 HIGH
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs.
CVE-2018-5265 1 Ui 2 Edgeos, Erlite-3 2024-11-21 6.5 MEDIUM 7.2 HIGH
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters.