CVE-2023-2379 HIGH

CVE-2023-2379: Ubiquiti EdgeRouter X Web Service denial of service

Vendor Ubiquiti
Product EdgeRouter X
Weakness CWE-404
Published April 28, 2023
Last update January 30, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Service. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227655.

Key dates

02Disclosure timeline

April 28, 2023 CVE published
January 30, 2025 Record updated