CVE-2023-2379: Ubiquiti EdgeRouter X Web Service denial of service
First published: Fri Apr 28 2023(Updated: )
A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Service. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227655.
Credit: cna@vuldb.com cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ui Er-x Firmware | <2.0.9 | |
| Ui Er-x Firmware | =2.0.9 | |
| Ui Er-x Firmware | =2.0.9-hotfix2 | |
| Ui Er-x Firmware | =2.0.9-hotfix3 | |
| Ui Er-x Firmware | =2.0.9-hotfix4 | |
| Ui Er-x Firmware | =2.0.9-hotfix5 | |
| Ui Er-x Firmware | =2.0.9-hotfix6 | |
| Ui Er-x | ||
| Ui Er-x-sfp Firmware | <2.0.9 | |
| Ui Er-x-sfp Firmware | =2.0.9 | |
| Ui Er-x-sfp Firmware | =2.0.9-hotfix2 | |
| Ui Er-x-sfp Firmware | =2.0.9-hotfix3 | |
| Ui Er-x-sfp Firmware | =2.0.9-hotfix4 | |
| Ui Er-x-sfp Firmware | =2.0.9-hotfix5 | |
| Ui Er-x-sfp Firmware | =2.0.9-hotfix6 | |
| Ui Er-x-sfp | ||
| All of | ||
| Any of | ||
| Ui Er-x Firmware | <2.0.9 | |
| Ui Er-x Firmware | =2.0.9 | |
| Ui Er-x Firmware | =2.0.9-hotfix2 | |
| Ui Er-x Firmware | =2.0.9-hotfix3 | |
| Ui Er-x Firmware | =2.0.9-hotfix4 | |
| Ui Er-x Firmware | =2.0.9-hotfix5 | |
| Ui Er-x Firmware | =2.0.9-hotfix6 | |
| Ui Er-x | ||
| All of | ||
| Any of | ||
| Ui Er-x-sfp Firmware | <2.0.9 | |
| Ui Er-x-sfp Firmware | =2.0.9 | |
| Ui Er-x-sfp Firmware | =2.0.9-hotfix2 | |
| Ui Er-x-sfp Firmware | =2.0.9-hotfix3 | |
| Ui Er-x-sfp Firmware | =2.0.9-hotfix4 | |
| Ui Er-x-sfp Firmware | =2.0.9-hotfix5 | |
| Ui Er-x-sfp Firmware | =2.0.9-hotfix6 | |
| Ui Er-x-sfp |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-2379?
The severity of CVE-2023-2379 is high with a severity value of 7.5.
Is Ubiquiti EdgeRouter X affected by CVE-2023-2379?
Yes, Ubiquiti EdgeRouter X up to version 2.0.9-hotfix.6 is affected by CVE-2023-2379.
How can the CVE-2023-2379 vulnerability be exploited?
The CVE-2023-2379 vulnerability can be exploited remotely to cause denial of service.
What is the recommended solution for CVE-2023-2379?
Users should update their Ubiquiti EdgeRouter X firmware to a version that is not affected by CVE-2023-2379.
Where can I find more information about CVE-2023-2379?
More information about CVE-2023-2379 can be found at the following references: [Link 1](https://github.com/leetsun/IoT/tree/main/EdgeRouterX/DoS), [Link 2](https://vuldb.com/?ctiid.227655), [Link 3](https://vuldb.com/?id.227655).
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/title
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/ui
- canonical/ui er-x firmware
- version/ui er-x firmware/2.0.9
- version/ui er-x firmware/2.0.9-hotfix2
- version/ui er-x firmware/2.0.9-hotfix3
- version/ui er-x firmware/2.0.9-hotfix4
- version/ui er-x firmware/2.0.9-hotfix5
- version/ui er-x firmware/2.0.9-hotfix6
- canonical/ui er-x
- canonical/ui er-x-sfp firmware
- version/ui er-x-sfp firmware/2.0.9
- version/ui er-x-sfp firmware/2.0.9-hotfix2
- version/ui er-x-sfp firmware/2.0.9-hotfix3
- version/ui er-x-sfp firmware/2.0.9-hotfix4
- version/ui er-x-sfp firmware/2.0.9-hotfix5
- version/ui er-x-sfp firmware/2.0.9-hotfix6
- canonical/ui er-x-sfp