CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-5265

Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.029

EPSS Ranking 85.7%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://www.red4sec.com/cve/edgerouter_lite.txt
https://www.red4sec.com/cve/edgerouter_lite.txt

Products affected by CVE-2018-5265

Ui » Erlite-3 » Version: N/A

cpe:2.3:h:ui:erlite-3:-
Ui » Edgeos » Version: 1.9.1

cpe:2.3:o:ui:edgeos:1.9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5265

Products

Pricing

Contact Us