CVE-2010-5330

CRITICAL KEV

Ubiquiti AirOS < 4.0.1 - Command Injection via stainfo.cgi ifname Parameter

Title source: llm

Exploitation Summary

CVE-2010-5330 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added April 15, 2022. EIP tracks 1 public exploit from researchers including emgent.

AI-analyzed exploit summary: This exploit demonstrates a remote command execution vulnerability in Ubiquiti Nanostation5 (Air OS) via the 'stainfo.cgi' endpoint. The vulnerability allows an attacker to execute arbitrary commands by injecting them into the 'ifname' parameter, leading to information disclosure such as reading the system configuration file.

Description

On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSync firmware. For example, Nanostation5 (Air OS) is affected.

Exploits (1)

exploitdb WORKING POC VERIFIED
by emgent · text · webapps · hardware
https://www.exploit-db.com/exploits/14146

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Ubiquiti Nanostation5 (Air OS) all firmwares
Auth required
Prerequisites: Access to the web application panel with at least read-only privileges
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 9.8
EPSS 0.4276
EPSS Percentile 97.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable yes
Technical Impact total

Details

CISA KEV 2022-04-15
VulnCheck KEV 2019-06-13
InTheWild.io 2022-04-15
ENISA EUVD EUVD-2010-5287
CWE CWE-77
Status published
Products (1)
ui/airos < 4.0.1
Published Jun 11, 2019
KEV Added Apr 15, 2022
Tracked Since Feb 18, 2026