CVSS: 8.8EPSS: 0%CPEs: 51EXPL: 0CVE-2020-8168
https://notcve.org/view.php?id=CVE-2020-8168
26 May 2020 — We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Attackers can abuse multiple end-points not protected against cross-site request forgery (CSRF), as a result authenticated users can be persuaded to visit malicious web pages, which allows attackers to perform arbitrary actions, such as downgrade the device's firmware to older versions, modify... • https://community.ui.com/releases/Security-advisory-bulletin-009-009/c45b6c35-2e0d-4aeb-a9ef-e1d49bcf5fd8 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 6%CPEs: 51EXPL: 0CVE-2020-8171
https://notcve.org/view.php?id=CVE-2020-8171
26 May 2020 — We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:There are certain end-points containing functionalities that are vulnerable to command injection. It is possible to craft an input string that passes the filter check but still contains commands, resulting in remote code execution.Mitigation:Update to the latest AirMax AirOS firmware version a... • https://community.ui.com/releases/Security-advisory-bulletin-011-011/d0d411a5-6dcb-4988-9709-d57f50957261 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.1EPSS: 0%CPEs: 51EXPL: 0CVE-2020-8170
https://notcve.org/view.php?id=CVE-2020-8170
26 May 2020 — We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page. Recie... • https://community.ui.com/releases/Security-advisory-bulletin-010-010/36a8448a-7dbf-4d30-bb54-398c44591dd4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 55%CPEs: 3EXPL: 0CVE-2010-5330 – Ubiquiti AirOS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2010-5330
11 Jun 2019 — On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSync firmware. For example, Nanostation5 (Air OS) is affected. En ciertos dispositivos Ubiquiti, la Inyección de comandos existe a través de una solicitud GET para stainfo.cgi ( conocida como Mostrar información de A... • https://community.ubnt.com/t5/airMAX-General-Discussion/AirOS-Security-Exploit-Updated-Firmware/td-p/212974 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-0938
https://notcve.org/view.php?id=CVE-2017-0938
12 Feb 2019 — Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and EdgeMAX < 1.9.7 allow attackers to use the Discovery Protocol in amplification attacks. Ataque de denegación de servicio (DoS) en airMAX, en versiones anteriores a la 8.3.2 y la 6.0.7; y EdgeMAX, en versiones anteriores a la 1.9.7, permite que los atacantes empleen el protocolo de descubrimiento en ataques de amplificación. • https://community.ubnt.com/t5/airMAX-Updates-Blog/airOS-v6-0-7-Has-Been-Released/ba-p/2056522 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 23%CPEs: 24EXPL: 3CVE-2015-9266 – Ubiquiti airOS HTTP(S) unauthenticated arbitrary file upload
https://notcve.org/view.php?id=CVE-2015-9266
05 Sep 2018 — The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This vulnerability is fixed in the following product versions (fixes released in July 2015, all prior versions are affected): airMAX AC 7.1.3; airMAX M (and airRouter) 5.6.2 XM/XW/TI, 5.5.11 XM/TI, and 5.5.10u2 XW; airGatewa... • https://www.exploit-db.com/exploits/39701 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •