Pricing
Contact
Login
Start Free Trial
Research Center
CVE-2020-21883 Research Center
topia vulnerability management banner 11.png

CVE-2020-21883

Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover.

  • 8.8 critical severity
  • CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  • 09/04/2021

Operating Systems 5

Un

Unibox U50 Firmware

by Indionetworks

1 Version

a year ago

Un

Unibox U500 Firmware

by Indionetworks

1 Version

a year ago

Un

Unibox U1000 Firmware

by Indionetworks

1 Version

a year ago

Un

Unibox U2500 Firmware

by Indionetworks

1 Version

a year ago

Un

Unibox U5000 Firmware

by Indionetworks

1 Version

a year ago

Vulnerability Categories 1

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

xTags 5

#easy_to_exploit
#known_vulnerability
#confidentiality_impact_if_exploited
#integrity_impact_if_exploited
#availability_impact_if_exploited

Advisory Links 3

http://wifi-soft.com
https://s3curityb3ast.github.io/KSA-Dev-009.txt
https://www.mail-archive.com/fulldisclosure@seclists.org/msg07140.html
http://www.vicarius.io is owned and operated by Vicarius Ltd. (the “Company”). All information contained on the Website is purely for informational, and educational purposes and should be independently verified and confirmed. Vicarius does not accept any liability for any loss or damage whatsoever caused in reliance upon such information or services. No statements or information presented in any form by Vicarius is intended as fact, and you agree that you will not consider the statements or information presented on the Website as fact or as a guarantee of performance.

Related CVEs

Security Research Topics

By Jenny R
Aug 14, 2022

Session Management Attacks - Part two

This article is the second part of the Session Management topic. The focus is on prevention practices, with one particular example of inactivity timer implementation!
By Wilson Corbett
Aug 12, 2022

Vulnerability Scanners 101: The Basics of Vulnerability Scanning

Storing data on an organization’s network is not an easy feat. Companies want their network as secure as possible, identifying loopholes and weak points to uncover and address vulnerabilities that cyber attackers can exploit. This need for protection is where Vulnerability Scanners enter the picture.
By Kent Weigle
Aug 12, 2022

CISAnalysis 12 August 2022

Zimbra Collaboration is back on CISA's shi... I mean Known Exploited Vulnerabilities Catalog. Today's theme is remote code execution without authentication.
By acephale 4w
Aug 12, 2022

Cybersecurity Awareness

Most common types of attacks. Social engineering, phishing. Ransomware.
By Paul Lighter
Aug 12, 2022

The UK’s Interesting (and Important) Strategy for National Cybersecurity

As cybersecurity increasingly becomes a national security issue, the UK approach stands out for several reasons that everyone (public and private sectors) can learn from.
last_chanse_02.png

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial
Get a Demo
Start Free Trial!

Have questions?

By submitting this form, you agree to be contacted about TOPIA and other Vicarius products.

Vicarius develops an autonomous vulnerability remediation platform to help security teams protect their assets against software exploitation. Consolidating vulnerability assessment, prioritization, and remediation, Vicarius strengthens cyber hygiene and proactively reduces risk.
We're hiring!

Support

support@vicarius.io

Sales

sales@vicarius.io

Marketing

info@vicarius.io
Product
Product Overview
Patch Management
Patchless Protection
Auto Actions
Network Scanner
xTags
0-Day Detection
Solution
Solution Overview
Case Studies
Knowledge
Research Center
Apps & OS Patch Catalog
Videos
Articles
Docs
Company
About
Investors
Partners
Trust
Careers
Pricing
Pricing

Copyright © Vicarius. All rights reserved 2022. Privacy Policy and Terms of Use