CVE-2010-5330

CRITICAL KEV

Ubiquiti - Command Injection

Description

On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSync firmware. For example, Nanostation5 (Air OS) is affected.

Exploits (1)

exploitdb WORKING POC VERIFIED
by emgent · text · webapps · hardware
https://www.exploit-db.com/exploits/14146

Scores

CVSS v3 9.8
EPSS 0.4359
EPSS Percentile 97.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-04-15
VulnCheck KEV 2019-06-13
InTheWild.io 2022-04-15
ENISA EUVD EUVD-2010-5287
CWE CWE-77
Status published
Products (1)
ui/airos < 4.0.1
Published Jun 11, 2019
KEV Added Apr 15, 2022
Tracked Since Feb 18, 2026