CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-0934

Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate privileges to admin (root) access in the system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

https://community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeRouter-software-release-v1-9-1-1/ba-p/1910524
https://hackerone.com/reports/241044
https://community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeRouter-software-release-v1-9-1-1/ba-p/1910524
https://hackerone.com/reports/241044

Products affected by CVE-2017-0934

Ubnt » Edgeos » Version: Any

cpe:2.3:o:ubnt:edgeos:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-0934

Products

Pricing

Contact Us