Description
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the SSH "local port forwarding" and "dynamic port forwarding" (SOCKS proxy) functionalities. If SSH is enabled in the system settings, remote attackers without credentials can exploit this bug to access local services or forward traffic through the device.
References (2)
Core References
Third Party Advisory x_refsource_misc
https://hackerone.com/reports/512958
Patch, Vendor Advisory x_refsource_confirm
https://community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeSwitch-X-software-release-v1-1-1/ba-p/2731137
Scores
CVSS v3
4.8
EPSS
0.0081
EPSS Percentile
52.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Details
CWE
CWE-287
Status
published
Products (1)
ui/edgeswitch_x
< 1.1.0
Published
Apr 10, 2019
Tracked Since
Feb 18, 2026