2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2023-23912" ,
"sourceIdentifier" : "support@hackerone.com" ,
"published" : "2023-02-09T20:15:11.740" ,
"lastModified" : "2023-02-17T20:04:53.320" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected device to create a remote code execution vulnerability."
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" ,
"attackVector" : "ADJACENT_NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "HIGH" ,
"baseScore" : 8.8 ,
"baseSeverity" : "HIGH"
} ,
"exploitabilityScore" : 2.8 ,
"impactScore" : 5.9
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-94"
}
]
} ,
{
"source" : "support@hackerone.com" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-75"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:usg_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "4.4.57" ,
"matchCriteriaId" : "42EEFED0-A2A2-4331-A87A-A181742D0550"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ui:usg:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "59478336-F60A-4963-A3E3-89B04A119223"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:usg-pro-4_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "4.4.57" ,
"matchCriteriaId" : "7074B37B-FBD0-4484-96FA-15F51661CBD7"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ui:usg-pro-4:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D357AC52-6588-45F2-ACAC-165B4C97F464"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-10x_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "2.0.9" ,
"matchCriteriaId" : "0443C2FC-354E-47A1-A73B-912DD16EA216"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-10x_firmware:2.0.9:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "91B1E29D-7EEA-42BE-BB73-2EDF0DF1D7B5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-10x_firmware:2.0.9:hotfix2:*:*:*:*:*:*" ,
"matchCriteriaId" : "0C20F448-B93A-49CA-BB13-FBCB08BB9D4F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-10x_firmware:2.0.9:hotfix4:*:*:*:*:*:*" ,
"matchCriteriaId" : "B0CC4F6A-660D-4EED-886D-63E8EA9723B4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-10x_firmware:2.0.9:hotfix5:*:*:*:*:*:*" ,
"matchCriteriaId" : "32E6424A-4E41-4DDA-A8FE-66C0DE007623"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ui:er-10x:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "257D043B-BBD0-45D5-AEA4-32DC720F3C2B"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-12_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "2.0.9" ,
"matchCriteriaId" : "0FAD0529-AA21-48D4-86CC-663381C8C211"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-12_firmware:2.0.9:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "6E80E56E-A867-40F0-B5E7-B4B0CE4F912F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-12_firmware:2.0.9:hotfix2:*:*:*:*:*:*" ,
"matchCriteriaId" : "12E1323D-1078-4501-A8FD-7DB263F2411E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-12_firmware:2.0.9:hotfix4:*:*:*:*:*:*" ,
"matchCriteriaId" : "0D6756AB-F23F-4060-B38F-DBAA0BC8733B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-12_firmware:2.0.9:hotfix5:*:*:*:*:*:*" ,
"matchCriteriaId" : "B10F7FBC-3274-4CB7-AA87-72C2B43DA457"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ui:er-12:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0A7DEE4B-D49C-4D11-9AA8-3F422DDF8964"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-12p_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "2.0.9" ,
"matchCriteriaId" : "80B96493-2E6D-4F9E-AD41-CD1AB46C0650"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-12p_firmware:2.0.9:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "D99F46FE-6FA5-4995-B9AB-6DA45AC6AC84"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-12p_firmware:2.0.9:hotfix2:*:*:*:*:*:*" ,
"matchCriteriaId" : "AB366C51-77CB-4DA9-957B-873A814EFAD8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-12p_firmware:2.0.9:hotfix4:*:*:*:*:*:*" ,
"matchCriteriaId" : "9015D609-89CF-4296-9E79-24E39F4C6AA0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-12p_firmware:2.0.9:hotfix5:*:*:*:*:*:*" ,
"matchCriteriaId" : "FA39BE0A-9BEA-4578-87E6-AD2402DBC101"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ui:er-12p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "510797FB-103E-43D3-843B-5330716A13F5"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-4_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "2.0.9" ,
"matchCriteriaId" : "DA799FF3-1F2A-421D-AB8C-1078F82EA42C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-4_firmware:2.0.9:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "E0E5186F-3777-4A48-B26C-B2E9ADDA5142"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-4_firmware:2.0.9:hotfix2:*:*:*:*:*:*" ,
"matchCriteriaId" : "98E75674-504E-4F23-A326-C3257C3B8A2E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-4_firmware:2.0.9:hotfix4:*:*:*:*:*:*" ,
"matchCriteriaId" : "0D425830-846B-4DE1-A894-C5204B2FB38E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-4_firmware:2.0.9:hotfix5:*:*:*:*:*:*" ,
"matchCriteriaId" : "A40D50F4-2207-4A04-B9A1-62B0E8A93C88"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ui:er-4:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C0DBDD16-1FDE-45FA-9A5C-44BCF44D70FB"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-6p_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "2.0.9" ,
"matchCriteriaId" : "F2A602FE-52D8-4532-B251-7B297D48DBC2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-6p_firmware:2.0.9:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "4EB4D4A9-F899-4F48-BE36-DF0EF01D54F3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-6p_firmware:2.0.9:hotfix2:*:*:*:*:*:*" ,
"matchCriteriaId" : "49C9FDF4-38A0-4F3F-A254-C23124E9C815"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-6p_firmware:2.0.9:hotfix4:*:*:*:*:*:*" ,
"matchCriteriaId" : "1DDE4F7A-0BB2-4160-845C-D98005B48616"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-6p_firmware:2.0.9:hotfix5:*:*:*:*:*:*" ,
"matchCriteriaId" : "3C15499E-CEE1-4E40-8288-243FAE540B99"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ui:er-6p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E9EA558B-7CF3-4CD0-8D73-A6BC646948C9"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-8-xg_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "2.0.9" ,
"matchCriteriaId" : "136672C3-79AD-4CBE-B4D1-22D5CCA49358"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-8-xg_firmware:2.0.9:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "EE42C156-EAD4-4594-A45C-3445396D085F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-8-xg_firmware:2.0.9:hotfix2:*:*:*:*:*:*" ,
"matchCriteriaId" : "B9DFC719-7376-482C-8406-8F8B4903F3B9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-8-xg_firmware:2.0.9:hotfix4:*:*:*:*:*:*" ,
"matchCriteriaId" : "C4B6811C-71A1-4E80-B4E1-146D6712FF06"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-8-xg_firmware:2.0.9:hotfix5:*:*:*:*:*:*" ,
"matchCriteriaId" : "5D680162-9253-49E6-8907-EEE0EF59517B"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ui:er-8-xg:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EBB1CDE7-F121-4D6A-A729-C6A1F27100E8"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-x_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "2.0.9" ,
"matchCriteriaId" : "5E5C7E0B-4335-44F0-A19F-6E68D9CFD5AF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-x_firmware:2.0.9:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "9DB3EE14-A555-4DCA-9C16-F3D72489F10C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix2:*:*:*:*:*:*" ,
"matchCriteriaId" : "2844D28C-FAD9-498A-93FF-7A4A217210A8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix4:*:*:*:*:*:*" ,
"matchCriteriaId" : "B0473F8F-8D1E-4CEB-A7FC-979F3F3AAF29"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix5:*:*:*:*:*:*" ,
"matchCriteriaId" : "C5D34B1D-9F1F-4A1F-A76C-FB4EE83D08F7"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ui:er-x:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "91B9AD72-BF39-4731-85B9-26036F7C425B"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-x-sfp_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "2.0.9" ,
"matchCriteriaId" : "34DA36D8-F0BD-4E98-A74C-5D50AD0980C5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "906F4A72-7C6D-45FD-875F-2D2791CE9F4A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix2:*:*:*:*:*:*" ,
"matchCriteriaId" : "B919E33F-AC70-432C-A3F8-29FDFC710BB0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix4:*:*:*:*:*:*" ,
"matchCriteriaId" : "FFEE96EB-D8AE-4B23-B090-E86FBA4BEF73"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix5:*:*:*:*:*:*" ,
"matchCriteriaId" : "101616F2-CA1A-4BF0-9025-F20EDA26F235"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ui:er-x-sfp:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4F922D6E-7C6D-4984-A0DF-6EDC0C7A9900"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://community.ui.com/releases/Security-Advisory-Bulletin-028-028/696e4e3b-718c-4da4-9a21-965a85633b5f" ,
"source" : "support@hackerone.com" ,
"tags" : [
"Exploit" ,
"Patch" ,
"Vendor Advisory"
]
}
]
}
