A vulnerability was found in Ubiquiti (the affected version is unknown) and classified as critical. Affected by this issue is an unknown code of the file stainfo.cgi. The manipulation of the argument ifname as part of a Shell Metacharacter leads to a command injection vulnerability. Using CWE to declare the problem leads to CWE-77. The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. Impacted is confidentiality, integrity, and availability. CVE summarizes:

On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSync firmware. For example, Nanostation5 (Air OS) is affected.

The weakness was shared 06/11/2019. This vulnerability is handled as CVE-2010-5330 since 06/11/2019. The exploitation is known to be easy. The attack may be launched remotely. No form of authentication is required for exploitation. Technical details as well as a exploit are known. The MITRE ATT&CK project declares the attack technique as T1202.

It is declared as highly functional. This issue was added on 04/15/2022 to the CISA Known Exploited Vulnerabilities Catalog with a due date of 05/06/2022:

Apply updates per vendor instructions.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Productinfo

Name

• Ubiquiti

License

• commercial

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion