CVE-2020-8171

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:There are certain end-points containing functionalities that are vulnerable to command injection. It is possible to craft an input string that passes the filter check but still contains commands, resulting in remote code execution.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.

CVSS v3.0 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://community.ui.com/releases/airMAX-M-v6-3-0/c8d5dec9-4030-4d7e-b23f-6a5b35ed3d83	Vendor Advisory
https://www.ui.com/download/airmax-m	Release Notes
https://community.ui.com/releases/Security-advisory-bulletin-011-011/d0d411a5-6dcb-4988-9709-d57f50957261	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:ui:airos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:ui:ag-hp-2g16:-:::::::*
	cpe:2.3:h:ui:ag-hp-2g20:-:::::::*
	cpe:2.3:h:ui:ag-hp-5g23:-:::::::*
	cpe:2.3:h:ui:ag-hp-5g27:-:::::::*
	cpe:2.3:h:ui:airgrid_m:-:::::::*
	cpe:2.3:h:ui:airgrid_m2:-:::::::*
	cpe:2.3:h:ui:airgrid_m5:-:::::::*
	cpe:2.3:h:ui:ar:-:::::::*
	cpe:2.3:h:ui:ar-hp:-:::::::*
	cpe:2.3:h:ui:bm2-ti:-:::::::*
	cpe:2.3:h:ui:bm2hp:-:::::::*
	cpe:2.3:h:ui:bm5-ti:-:::::::*
	cpe:2.3:h:ui:is-m5:-:::::::*
	cpe:2.3:h:ui:lbem5-23:-:::::::*
	cpe:2.3:h:ui:locom2:-:::::::*
	cpe:2.3:h:ui:locom5:-:::::::*
	cpe:2.3:h:ui:m2:-:::::::*
	cpe:2.3:h:ui:m5:-:::::::*
	cpe:2.3:h:ui:nbe-m2-13:-:::::::*
	cpe:2.3:h:ui:nbe-m5-16:-:::::::*
	cpe:2.3:h:ui:nbe-m5-19:-:::::::*
	cpe:2.3:h:ui:bm5hp:-:::::::*
	cpe:2.3:h:ui:litestation_m5:-:::::::*
	cpe:2.3:h:ui:locom9:-:::::::*
	cpe:2.3:h:ui:m3:-:::::::*
	cpe:2.3:h:ui:m365:-:::::::*
	cpe:2.3:h:ui:m900:-:::::::*
	cpe:2.3:h:ui:nb-2g18:-:::::::*
	cpe:2.3:h:ui:nb-5g22:-:::::::*
	cpe:2.3:h:ui:nb-5g25:-:::::::*
	cpe:2.3:h:ui:nbm3:-:::::::*
	cpe:2.3:h:ui:nbm365:-:::::::*
	cpe:2.3:h:ui:nbm9:-:::::::*
	cpe:2.3:h:ui:nsm2:-:::::::*
	cpe:2.3:h:ui:nsm5:-:::::::*
	cpe:2.3:h:ui:pbe-m2-400:-:::::::*
	cpe:2.3:h:ui:pbe-m5-300:-:::::::*
	cpe:2.3:h:ui:pbe-m5-300-iso:-:::::::*
	cpe:2.3:h:ui:pbe-m5-400:-:::::::*
	cpe:2.3:h:ui:pbe-m5-400-iso:-:::::::*
	cpe:2.3:h:ui:pbe-m5-620:-:::::::*
	cpe:2.3:h:ui:rm2-ti:-:::::::*
	cpe:2.3:h:ui:rm5-ti:-:::::::*
	cpe:2.3:h:ui:nsm3:-:::::::*
	cpe:2.3:h:ui:nsm365:-:::::::*
	cpe:2.3:h:ui:pbm10:-:::::::*
	cpe:2.3:h:ui:pbm365:-:::::::*
	cpe:2.3:h:ui:pbm5:-:::::::*
	cpe:2.3:h:ui:picom2hp:-:::::::*
	cpe:2.3:h:ui:power_ap_n:-:::::::*

Information

Published : 2020-05-26 09:15

Updated : 2020-05-28 13:00

NVD link : CVE-2020-8171

Mitre link : CVE-2020-8171

JSON object : View

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Products Affected

nsm365
rm2-ti
nbm365
pbe-m5-400-iso
bm5-ti
pbm5
m365
litestation_m5
ar
m2
bm2hp
pbe-m5-400
pbe-m5-300-iso
ag-hp-5g23
lbem5-23
bm2-ti
nbm3
airgrid_m
pbe-m2-400
nbe-m5-19
power_ap_n
pbe-m5-620
locom5
nb-5g25
rm5-ti
ar-hp
nsm5
locom9
ag-hp-5g27
nbm9
pbe-m5-300
airgrid_m2
m900
locom2
pbm10
nsm3
nbe-m2-13
pbm365
ag-hp-2g16
airgrid_m5
nbe-m5-16
picom2hp
m3
nb-2g18
nsm2
nb-5g22
ag-hp-2g20
m5
is-m5
airos
bm5hp

9.8 /10