Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from a Cross-Site Request Forgery (CSRF) vulnerability. An attacker with access to an operator (read-only) account could lure an admin (root) user to access the attacker-controlled page, allowing the malicious user to gain admin privileges in the system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ubnt edgeos |