Zurück zur CVE-Übersicht
CVE-2023-2377
HIGH(7.2)CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Risk Signal Score19/100 — NIEDRIG
- CVSS 7.2 — Hoch
EPSS-Score
4%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
7.2
Technische Schwere
Beschreibung
A vulnerability was detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The impacted element is an unknown function of the component Web Management Interface. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit is now public and may be used. There is ongoing doubt regarding the real existence of this vulnerability. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
Referenzen
- https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/9
- https://vuldb.com/cve/CVE-2023-2377
- https://vuldb.com/submit/114081
- https://vuldb.com/vuln/227653
- https://vuldb.com/vuln/227653/cti
- https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/9
- https://vuldb.com/?ctiid.227653
- https://vuldb.com/?id.227653