CVE-2020-8171 - OpenCVE

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:There are certain end-points containing functionalities that are vulnerable to command injection. It is possible to craft an input string that passes the filter check but still contains commands, resulting in remote code execution.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Ui	M365 Ag-hp-5g23 Ar-hp Picom2hp Nbm365 Airgrid M Pbm365 Pbe-m5-300 Nsm3 Airgrid M5 Nsm5 Ag-hp-5g27 Nbe-m2-13 Nbe-m5-16 Nsm2 Is-m5 Nb-5g25 Pbe-m2-400 Nbm3 Ag-hp-2g16 Pbm10 Locom2 Rm2-ti Airgrid M2 Nb-2g18 Lbem5-23 Pbe-m5-620 Nbm9 Pbe-m5-400 Ar Power Ap N Pbm5 Nsm365 Bm2-ti M2 M3 Bm5hp Nb-5g22 Locom9 Pbe-m5-400-iso Rm5-ti Locom5 M5 M900 Litestation M5 Bm2hp Pbe-m5-300-iso Airos Nbe-m5-19 Bm5-ti Ag-hp-2g20

Configuration 1 [-]

AND

cpe:2.3:o:ui:airos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:ui:ag-hp-2g16:-:::::::*
	cpe:2.3:h:ui:ag-hp-2g20:-:::::::*
	cpe:2.3:h:ui:ag-hp-5g23:-:::::::*
	cpe:2.3:h:ui:ag-hp-5g27:-:::::::*
	cpe:2.3:h:ui:airgrid_m:-:::::::*
	cpe:2.3:h:ui:airgrid_m2:-:::::::*
	cpe:2.3:h:ui:airgrid_m5:-:::::::*
	cpe:2.3:h:ui:ar:-:::::::*
	cpe:2.3:h:ui:ar-hp:-:::::::*
	cpe:2.3:h:ui:bm2-ti:-:::::::*
	cpe:2.3:h:ui:bm2hp:-:::::::*
	cpe:2.3:h:ui:bm5-ti:-:::::::*
	cpe:2.3:h:ui:bm5hp:-:::::::*
	cpe:2.3:h:ui:is-m5:-:::::::*
	cpe:2.3:h:ui:lbem5-23:-:::::::*
	cpe:2.3:h:ui:litestation_m5:-:::::::*
	cpe:2.3:h:ui:locom2:-:::::::*
	cpe:2.3:h:ui:locom5:-:::::::*
	cpe:2.3:h:ui:locom9:-:::::::*
	cpe:2.3:h:ui:m2:-:::::::*
	cpe:2.3:h:ui:m3:-:::::::*
	cpe:2.3:h:ui:m365:-:::::::*
	cpe:2.3:h:ui:m5:-:::::::*
	cpe:2.3:h:ui:m900:-:::::::*
	cpe:2.3:h:ui:nb-2g18:-:::::::*
	cpe:2.3:h:ui:nb-5g22:-:::::::*
	cpe:2.3:h:ui:nb-5g25:-:::::::*
	cpe:2.3:h:ui:nbe-m2-13:-:::::::*
	cpe:2.3:h:ui:nbe-m5-16:-:::::::*
	cpe:2.3:h:ui:nbe-m5-19:-:::::::*
	cpe:2.3:h:ui:nbm3:-:::::::*
	cpe:2.3:h:ui:nbm365:-:::::::*
	cpe:2.3:h:ui:nbm9:-:::::::*
	cpe:2.3:h:ui:nsm2:-:::::::*
	cpe:2.3:h:ui:nsm3:-:::::::*
	cpe:2.3:h:ui:nsm365:-:::::::*
	cpe:2.3:h:ui:nsm5:-:::::::*
	cpe:2.3:h:ui:pbe-m2-400:-:::::::*
	cpe:2.3:h:ui:pbe-m5-300:-:::::::*
	cpe:2.3:h:ui:pbe-m5-300-iso:-:::::::*
	cpe:2.3:h:ui:pbe-m5-400:-:::::::*
	cpe:2.3:h:ui:pbe-m5-400-iso:-:::::::*
	cpe:2.3:h:ui:pbe-m5-620:-:::::::*
	cpe:2.3:h:ui:pbm10:-:::::::*
	cpe:2.3:h:ui:pbm365:-:::::::*
	cpe:2.3:h:ui:pbm5:-:::::::*
	cpe:2.3:h:ui:picom2hp:-:::::::*
	cpe:2.3:h:ui:power_ap_n:-:::::::*
	cpe:2.3:h:ui:rm2-ti:-:::::::*
	cpe:2.3:h:ui:rm5-ti:-:::::::*

References

Link	Resource
https://community.ui.com/releases/Security-advisory-bulletin-011-011/d0d411a5-6dcb-4988-9709-d57f50957261	Vendor Advisory
https://community.ui.com/releases/airMAX-M-v6-3-0/c8d5dec9-4030-4d7e-b23f-6a5b35ed3d83	Vendor Advisory
https://www.ui.com/download/airmax-m	Release Notes