A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and previous versions could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update.
The Ubiquiti EdgeMAX EdgeRouter products are housed in a compact, fanless form factor. The EdgeRouter is powered by the feature rich EdgeOS which features a next- generation graphical user interface.
The Ubiquiti EdgeMax range are designed for smaller network application where PoE is required reducing your infrastructure cabling costs whilst saving space at the same time.
The ER-X/ER-X-SFP/ER-10X/EP-R6 has more limited storage, and in some cases, an upgrade may fail due to not enough space. If this happens, remove the old backup image first (using delete system image CLI command, see here for more details) before doing an upgrade.
More details can be found in the release notes below. Please give it a try if you are interested in the new features/changes to help us test them so that we can get the release out sooner! Thanks very much!
This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later.