Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs.
No PoCs from references.
- https://github.com/0xT11/CVE-POC
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/grampae/CVE-2019-16889-poc
- https://github.com/grampae/meep
- https://github.com/grampae/meep2
- https://github.com/hectorgie/PoC-in-GitHub