VYPR
Unrated severityNVD Advisory· Published Jun 7, 2019· Updated Aug 5, 2024

CVE-2018-5265

CVE-2018-5265

Description

Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Ubiquiti/EdgeRouter Litedescription
  • Range: = 1.9.1 on EdgeRouter Lite

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.