Vulnerability Description
On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSync firmware. For example, Nanostation5 (Air OS) is affected.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ui | Airos | < 4.0.1 |
Related Weaknesses (CWE)
References
- https://community.ubnt.com/t5/airMAX-General-Discussion/AirOS-Security-Exploit-UIssue TrackingPatchVendor Advisory
- https://www.exploit-db.com/exploits/14146Third Party AdvisoryVDB Entry
- https://community.ubnt.com/t5/airMAX-General-Discussion/AirOS-Security-Exploit-UIssue TrackingPatchVendor Advisory
- https://www.exploit-db.com/exploits/14146Third Party AdvisoryVDB Entry
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-US Government Resource
FAQ
What is CVE-2010-5330?
CVE-2010-5330 is a vulnerability with a CVSS score of 9.8 (CRITICAL). On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fix...
How severe is CVE-2010-5330?
CVE-2010-5330 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2010-5330?
Check the references section above for vendor advisories and patch information. Affected products include: Ui Airos.