Format String Vulnerability in the EdgeSwitch restricted CLI
High
U
Ubiquiti Inc.
Submitted None
Team Summary
Official summary from Ubiquiti Inc.
In EdgeSwitch 1.7.3 and prior, an user with admin credentials can make use of specially crafted commands to execute arbitrary shell instructions, bypassing the SSH/TELNET CLI interface.
Actions:
Reported by
maxpl0it
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Use of Externally-Controlled Format String