CVE-2023-1458

7.2 HIGH

📋 TL;DR

CVE-2023-1458 is a command injection vulnerability in Ubiquiti EdgeRouter X's OSPF handler that allows authenticated attackers to execute arbitrary commands on affected devices. This affects EdgeRouter X version 2.0.9-hotfix.6. The vendor considers this a post-authentication issue rather than a vulnerability.

💻 Affected Systems

Products:
  • Ubiquiti EdgeRouter X
Versions: 2.0.9-hotfix.6
Operating Systems: EdgeOS
Default Config Vulnerable: ⚠️ Yes
Notes: Requires OSPF configuration and authentication. The vendor disputes this as a vulnerability since it requires authentication.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise allowing attacker to install persistent backdoors, intercept network traffic, pivot to internal networks, or brick the device.

🟠 Likely Case

Attacker with network access and valid credentials gains remote code execution to modify configurations, steal data, or disrupt network services.

🟢 If Mitigated

Limited impact if strong authentication controls, network segmentation, and proper access controls prevent unauthorized access to OSPF configuration.

🌐 Internet-Facing: MEDIUM - Requires authentication but many routers are internet-facing with default or weak credentials.
🏢 Internal Only: MEDIUM - Internal attackers with valid credentials could exploit this to pivot within the network.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires authentication but has been publicly disclosed. The vendor's position may reduce urgency for some organizations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None - vendor does not consider this a vulnerability

Restart Required: No

Instructions:

No official patch is available. Consider upgrading to the latest EdgeRouter firmware if one is available, though the vendor may not specifically address this issue.

🔧 Temporary Workarounds

Disable OSPF if not needed

Remove OSPF configuration from the router if the protocol is not required for your network.

configure
delete protocols ospf
commit
save
exit

Restrict OSPF access

Limit which interfaces and networks can access OSPF services using firewall rules.

configure
set firewall name WAN_LOCAL rule 10 action drop
set firewall name WAN_LOCAL rule 10 protocol ospf
commit
save
exit

🧯 If You Can't Patch

  • Implement strong authentication with complex passwords and multi-factor authentication if supported
  • Segment network to isolate routers from untrusted networks and implement strict firewall rules

🔍 How to Verify

Check if Vulnerable:

Confirm the device is running EdgeRouter X version 2.0.9-hotfix.6 and that OSPF is configured:

show version | grep Version
show configuration | grep ospf

Check Version:

show version | grep Version

Verify Fix Applied:

Verify that OSPF is disabled or restricted:

show configuration | grep -A5 -B5 ospf
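
As an added example (not tooling from this advisory or from Ubiquiti), the POSIX shell script below applies the verification checks above to captured "show version" and "show configuration" text and reports whether a device is still exposed. It assumes the EdgeOS output layout (a "Version:" line, brace-delimited configuration blocks); the sample texts are constructed.

```shell
# Added example, not the advisory's own tooling: classify an EdgeRouter X from
# captured "show version" / "show configuration" text. Assumes EdgeOS layout:
# a "Version:" line and brace-delimited config blocks. Samples are constructed.
VULN_VERSION="2.0.9-hotfix.6"

# Version string from "show version" output, leading "v" stripped.
edgeos_version() {
    printf '%s\n' "$1" | sed -n 's/^Version:[[:space:]]*v\{0,1\}//p' | head -n 1
}

# Succeeds if an "ospf {" block is still present (protocols { ospf { ... } }).
# Firewall rules write "protocol ospf" without a brace, so they do not match.
has_ospf() {
    printf '%s\n' "$1" | awk '$1 == "ospf" && $2 == "{" { f = 1 } END { exit f ? 0 : 1 }'
}

# Succeeds if any firewall rule both drops and matches protocol ospf (the
# WAN_LOCAL workaround). Brace depth is tracked so nested sub-blocks inside a
# rule do not end it early. Does not check that the rule set is attached to
# an interface; inspect that separately.
has_ospf_drop_rule() {
    printf '%s\n' "$1" | awk '
        $1 == "rule" && $3 == "{" { inrule = 1; depth = 0; act = ""; proto = "" }
        inrule {
            if ($1 == "action" && $2 == "drop") act = "drop"
            if ($1 == "protocol" && $2 == "ospf") proto = "ospf"
            if (index($0, "{")) depth++
            if (index($0, "}")) depth--
            if (depth == 0) { if (act == "drop" && proto == "ospf") found = 1; inrule = 0 }
        }
        END { exit found ? 0 : 1 }'
}

# assess "<show version text>" "<show configuration text>"
# prints NOT_AFFECTED, MITIGATED or VULNERABLE
assess() {
    [ "$(edgeos_version "$1")" = "$VULN_VERSION" ] || { echo NOT_AFFECTED; return 0; }
    has_ospf "$2" || { echo MITIGATED; return 0; }
    has_ospf_drop_rule "$2" && { echo MITIGATED; return 0; }
    echo VULNERABLE
}

# Constructed sample inputs, not real device output.
SAMPLE_VERSION="Version:      v2.0.9-hotfix.6"
SAMPLE_CFG_OSPF=$(printf 'protocols {\n    ospf {\n        area 0 {\n        }\n    }\n}')
SAMPLE_CFG_DROP=$(printf 'firewall {\n    name WAN_LOCAL {\n        rule 10 {\n            action drop\n            protocol ospf\n        }\n    }\n}\n%s' "$SAMPLE_CFG_OSPF")
```

On a device, feed the script the saved output of the two show commands; a result of VULNERABLE means the affected version is running with OSPF configured and no drop rule for the protocol was found.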

📡 Detection & Monitoring

Log Indicators:

  • Unusual OSPF configuration changes
  • Unexpected command execution in system logs
  • Authentication attempts to router management interface

Network Indicators:

  • Unusual OSPF traffic patterns
  • Unexpected outbound connections from router
  • OSPF protocol anomalies

SIEM Query:

source="edgeos" AND (ospf OR "command injection" OR "unauthorized configuration")
