Metrics
Affected Vendors & Products
Thu, 09 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Web Management Interface. The manipulation of the argument name leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227653 was assigned to this vulnerability. | A vulnerability was detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The impacted element is an unknown function of the component Web Management Interface. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit is now public and may be used. There is ongoing doubt regarding the real existence of this vulnerability. The vendor position is that post-authentication issues are not accepted as vulnerabilities. |
| Title | Ubiquiti EdgeRouter X Web Management Interface command injection | Ubiquiti EdgeRouter X Web Management command injection |
| First Time appeared |
Ubiquiti
Ubiquiti edgerouter X |
|
| Weaknesses | CWE-74 | |
| CPEs | cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Ubiquiti
Ubiquiti edgerouter X |
|
| References |
| |
| Metrics |
cvssV2_0
|
cvssV4_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-09T13:53:18.708Z
Reserved: 2023-04-28T11:30:03.838Z
Link: CVE-2023-2377
No data.
Status : Modified
Published: 2023-04-28T16:15:10.003
Modified: 2026-06-17T05:52:25.190
Link: CVE-2023-2377
No data.
OpenCVE Enrichment
No data.