CVE-2025-48978 | THREATINT

Description

An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.11.0 and earlier) could allow a Command Injection by a malicious actor with access to EdgeSwitch adjacent network. Affected Products: EdgeMAX EdgeSwitch (Version 1.11.0 and earlier) Mitigation: Update the EdgeMAX EdgeSwitch to Version 1.11.1 or later.

PUBLISHED Reserved 2025-05-29 | Published 2025-08-21 | Updated 2025-08-21 | Assigner hackerone

Product status

Default status

unaffected

1.11.1 before 1.11.1

affected

References

community.ui.com/...054/3033f0b7-aca6-4d70-8c51-d3e706bd0ca7

cve.org (CVE-2025-48978)

nvd.nist.gov (CVE-2025-48978)

Download JSON