CVE-2019-16889

high-risk

Published 2019-09-25

Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs.

Do I need to act?

11.5% chance of exploitation in next 30 days

EPSS score — higher than 89% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (12)

Er-X Firmware

Er-X-Sfp Firmware

Ep-R6 Firmware

Erlite-3 Firmware

Erpoe-5 Firmware

Er-8 Firmware

Erpro-8 Firmware

Ep-R8 Firmware

Er-4 Firmware

Er-6P Firmware

Er-12 Firmware

Er-8-Xg Firmware

Affected Vendors

References (6)

Patch https://community.ui.com/releases/New-EdgeRouter-firmware-2-0-3-has-been-release...

Exploit https://hackerone.com/reports/406614

Exploit https://mjlanders.com/2019/07/28/resource-consumption-dos-on-edgemax-v1-10-6/

Patch https://community.ui.com/releases/New-EdgeRouter-firmware-2-0-3-has-been-release...

Exploit https://hackerone.com/reports/406614

Exploit https://mjlanders.com/2019/07/28/resource-consumption-dos-on-edgemax-v1-10-6/

/ 100

high-risk

Severity 26/34 · High

Exploitability 11/34 · Low

Exposure 17/34 · Moderate