CVE-2023-23912

Published: Feb 9, 2023

Modified: Mar 24, 2025

PUBLISHED

Description

A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected device to create a remote code execution vulnerability.

Vendor	Product	Versions
n/a	Ubiquiti EdgeRouter(s) and USG(s)	affected `EdgeRouter(s) Version 2.0.9-hotfix.6 or later and USG(s) to Version 4.4.57 or later`

Weaknesses (CWE)

CWE-75

References

https://community.ui.com/releases/Security-Advisory-Bulletin-028-028/696e4e3b-718c-4da4-9a21-965a85633b5f

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-23912

Description

Affected Products

Weaknesses (CWE)

References