CVE-2010-5330: Ubiquiti AirOS Command Injection Vulnerability

CVE ID

CVE-2010-5330

Vulnerability Name

Ubiquiti AirOS Command Injection Vulnerability

• Project: Ubiquiti
• Product: AirOS

Date

• Date Added: 2022-04-15
• Due Date: 2022-05-06

Description

Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2010-5330

Related Security News

• Ubiquiti patches three max severity UniFi OS vulnerabilities

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List