A vulnerability exists in The EdgeMax EdgeSwitch firmware <v1.9.1 where the EdgeSwitch legacy web interface SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HUi Edgemax Firmware
OSUi< 1.9.1Ui Ep S16
OSUiwszystkie wersjeUi Es 12f
OSUiwszystkie wersjeUi Es 16 150w
OSUiwszystkie wersjeUi Es 16 Xg
OSUiwszystkie wersjeUi Es 24 250w
OSUiwszystkie wersjeUi Es 24 500w
OSUiwszystkie wersjeUi Es 24 Lite
OSUiwszystkie wersjeUi Es 48 500w
OSUiwszystkie wersjeUi Es 48 750w
OSUiwszystkie wersjeUi Es 48 Lite
OSUiwszystkie wersjeUi Es 8 150w
OSUiwszystkie wersje
Powiązane podatności
A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-onl...
Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as root.
Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and EdgeMAX < 1.9.7 allow attackers to use the Dis...
An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only us...
DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted c...