Login
Start Free Trial
Research Center
CVE-2020-21883 Research Center

CVE-2020-21883

Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover.

  • 8.8 critical severity

  • CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  • 09/04/2021

Operating Systems 5

Un

Unibox U50 Firmware

by Indionetworks

1 Version

2 years ago

Un

Unibox U500 Firmware

by Indionetworks

1 Version

2 years ago

Un

Unibox U1000 Firmware

by Indionetworks

1 Version

2 years ago

Un

Unibox U2500 Firmware

by Indionetworks

1 Version

2 years ago

Un

Unibox U5000 Firmware

by Indionetworks

1 Version

2 years ago

Vulnerability Categories 1

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

xTags 5

#easy_to_exploit
#known_vulnerability
#confidentiality_impact_if_exploited
#integrity_impact_if_exploited
#availability_impact_if_exploited

Advisory Links 3

http://wifi-soft.com
https://s3curityb3ast.github.io/KSA-Dev-009.txt
https://www.mail-archive.com/fulldisclosure@seclists.org/msg07140.html
http://www.vicarius.io is owned and operated by Vicarius Ltd. (the “Company”). All information contained on the Website is purely for informational, and educational purposes and should be independently verified and confirmed. Vicarius does not accept any liability for any loss or damage whatsoever caused in reliance upon such information or services. No statements or information presented in any form by Vicarius is intended as fact, and you agree that you will not consider the statements or information presented on the Website as fact or as a guarantee of performance.

Related CVEs

Security Research Topics

By Paul Lighter
Nov 30, 2022

Online Casino Heist Shreds Confidence in Cybersecurity

Hackers recently swiped $300,000 from DraftKings accounts - and it was almost effortless. This attack will likely be forgotten by history. But it should be a wake-up call instead.
By Shahar Reichman
Nov 30, 2022

New Subscription Tab

View & Download your license file from Topia dashboard
By acephale 4w
Nov 29, 2022

The Dark Stuff - Tor - Continued

Another bi-weekly/monthly talk on Tor.
By Jenny R
Nov 25, 2022

Choosing the Right Access Control Model

Choosing the right access control model for your project/organization is of great importance from a security point of view. There are more access control models, and I will try to show you their differences in this article.
By Khurram Arif
Nov 25, 2022

Fortinet Authentication Bypass Vulnerability - CVE-2022-40684

Vulnerability allows adversaries to bypass authentication and login into the vulnerable systems as an administrator.
last_chanse_04.png

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial
Get a Demo
Start Free Trial!