CVE-2019-5424

EPSS 1.9%CWE-77

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 1.9%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

10 Apr 2019Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows to execute shell commands under the root user.

Affected products

Ubiquiti Networks · EdgeMAX

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeSwitch-X-software-release-v1-1-1/ba-p/2731137 https://hackerone.com/reports/508256