What the vulnerability does

01Description

A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later.

Key dates

02Disclosure timeline

December 5, 2022 CVE published
April 24, 2025 Record updated