What is CVE-2010-5330?

CVE-2010-5330 is a vulnerability titled Ubiquiti AirOS Command Injection Vulnerability.

What is the severity of CVE-2010-5330?

CVE-2010-5330 has a severity rating of 9.8 (critical).

How does CVE-2010-5330 affect Ubiquiti AirOS devices?

CVE-2010-5330 affects certain Ubiquiti AirOS devices by allowing command injection via a GET request to stainfo.cgi.

Which versions of Ubiquiti AirOS are affected by CVE-2010-5330?

Versions up to and including v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSync are affected by CVE-2010-5330.

Vulnerability/
CVE-2010-5330

Exploited

critical

9.8

CWE

11/6/2019

21/11/2024

CVE-2010-5330: Ubiquiti AirOS Command Injection Vulnerability

Q: How can I fix the Ubiquiti AirOS Command Injection Vulnerability (CVE-2010-5330)?

To fix CVE-2010-5330, you should update your Ubiquiti AirOS devices to the fixed versions: v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSync.

First published: Tue Jun 11 2019(Updated: )

Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Ui Airos	>=5.3.6<5.4.5
Ui Airos	>=4.0.2<5.3.5
Ui Airos	<4.0.1
	<4.0.1
	>=4.0.2<5.3.5
	>=5.3.6<5.4.5
Ubiquiti AirOS

Remedy

https://community.ubnt.com/t5/airMAX-General-Discussion/AirOS-Security-Exploit-Updated-Firmware/td-p/212974

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2010-5330?
CVE-2010-5330 is a vulnerability titled Ubiquiti AirOS Command Injection Vulnerability.
What is the severity of CVE-2010-5330?
CVE-2010-5330 has a severity rating of 9.8 (critical).
How does CVE-2010-5330 affect Ubiquiti AirOS devices?
CVE-2010-5330 affects certain Ubiquiti AirOS devices by allowing command injection via a GET request to stainfo.cgi.
Which versions of Ubiquiti AirOS are affected by CVE-2010-5330?
Versions up to and including v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSync are affected by CVE-2010-5330.
How can I fix the Ubiquiti AirOS Command Injection Vulnerability (CVE-2010-5330)?
To fix CVE-2010-5330, you should update your Ubiquiti AirOS devices to the fixed versions: v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSync.

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/softwarecombine
agent/title
agent/severity
agent/remedy
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/tags
agent/first-publish-date
agent/event
collector/nvd-cve
source/NVD
exploited/true
collector/cisa-known-exploited
source/CISA
agent/software-canonical-lookup
vendor/ui
canonical/ui airos
version/ui airos/5.3.6
version/ui airos/4.0.2
vendor/ubiquiti
canonical/ubiquiti airos

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.