Ui Er-X-Sfp Firmware vulnerabilities
8 known vulnerabilities affecting ui/er-x-sfp_firmware.
Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH8
Vulnerabilities
Page 1 of 1
CVE-2023-2377P2HIGHCVSS 8.8fixed in 2.0.9v2.0.92023-04-28
CVE-2023-2377 [HIGH] CWE-77 CVE-2023-2377: A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been declared as cri
A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Web Management Interface. The manipulation of the argument name leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public
nvd
CVE-2023-2378P2HIGHCVSS 8.8fixed in 2.0.9v2.0.92023-04-28
CVE-2023-2378 [HIGH] CWE-77 CVE-2023-2378: A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been rated as critic
A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been rated as critical. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation of the argument suffix-rate-up leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the publi
nvd
CVE-2023-2375P2HIGHCVSS 8.8fixed in 2.0.9v2.0.92023-04-28
CVE-2023-2375 [HIGH] CWE-77 CVE-2023-2375: A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as critical.
A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as critical. This issue affects some unknown processing of the component Web Management Interface. The manipulation of the argument src leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The as
nvd
CVE-2023-2374P2HIGHCVSS 8.8fixed in 2.0.9v2.0.92023-04-28
CVE-2023-2374 [HIGH] CWE-77 CVE-2023-2374: A vulnerability has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as criti
A vulnerability has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as critical. This vulnerability affects unknown code of the component Web Management Interface. The manipulation of the argument ecn-down leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used
nvd
CVE-2023-2376P2HIGHCVSS 8.8fixed in 2.0.9v2.0.92023-04-28
CVE-2023-2376 [HIGH] CWE-77 CVE-2023-2376: A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been classified as c
A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been classified as critical. Affected is an unknown function of the component Web Management Interface. The manipulation of the argument dpi leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2023-23912P3HIGHCVSS 8.8fixed in 2.0.9v2.0.92023-02-09
CVE-2023-23912 [HIGH] CWE-75 CVE-2023-23912: A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways
A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected device to create a remote code execution vulnerability.
nvd
CVE-2023-2379P3HIGHCVSS 7.5fixed in 2.0.9v2.0.92023-04-28
CVE-2023-2379 [HIGH] CWE-404 CVE-2023-2379: A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6.
A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Service. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulner
nvd
CVE-2019-16889P3HIGHCVSS 7.5fixed in 2.0.32019-09-25
CVE-2019-16889 [HIGH] CWE-770 CVE-2019-16889: Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk cons
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs.
nvd