Signature Detail

Short Name	HTTP:UBIQUITI-AIROS-CE
Severity	High
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	Ubiquiti Networks AirOS Remote Command Execution
Release Date	2012/04/02
Update Number	2109
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Ubiquiti Networks AirOS Remote Command Execution

This signature detects attempts to exploit a known vulnerability against Ubiquiti Networks AirOS. A successful attack can lead to arbitrary command execution.

Extended Description

AirOS is prone to a vulnerability that lets attackers execute arbitrary commands in the context of the application. This issue occurs because the application fails to adequately sanitize user-supplied input. Successful attacks can compromise the affected application and possibly the underlying device.

Affected Products

Ubiquiti Networks, Inc. AirOS 3.6.1
Ubiquiti Networks, Inc. AirOS 4.0
Ubiquiti Networks, Inc. AirOS 5

References

BugTraq: 51178
URL: http://www.ubnt.com/

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Ubiquiti Networks AirOS Remote Command Execution

Extended Description

Affected Products

References