Privilege Escalation with Session Hijacking Having a Non-privileged Valid User
Critical
U
Ubiquiti Inc.
Submitted None
Team Summary
Official summary from Ubiquiti Inc.
EdgeOS version `1.9.1.1` and prior, consequence of lack of protection if the file-system, exposing sensitive information, an attacker with access to an operator (read-only) account, can escalate privileges to admin (root) access in the system.
Actions:
Reported by
hacknroll
Report Details
Additional information and metadata
State
Closed
Substate
Resolved