A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.00507
Percentile: 0.6527
CVSS Scoring
CVSS v3.1 Score: 7.5
Severity: HIGH
Mapped CWE(s)
CWE-295 : Improper Certificate Validation
CWE-300 : Channel Accessible by Non-Endpoint
All CAPEC(s)
CAPEC-459 : Creating a Rogue Certification Authority Certificate
CAPEC-466 : Leveraging Active Adversary in the Middle Attacks to Bypass Same Origin Policy
CAPEC-475 : Signature Spoofing by Improper Validation
CAPEC-57 : Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
CAPEC-589 : DNS Blocking
CAPEC-590 : IP Address Blocking
CAPEC-612 : WiFi MAC Address Tracking
CAPEC-613 : WiFi SSID Tracking
CAPEC-615 : Evil Twin Wi-Fi Attack
CAPEC-662 : Adversary in the Browser (AiTB)
CAPEC-94 : Adversary in the Middle (AiTM)
CAPEC(s) with Mapped TTPs
CAPEC-57 : Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
Mapped TTPs:
CAPEC-662 : Adversary in the Browser (AiTB)
Mapped TTPs:
T1185 : Browser Session Hijacking
CAPEC-94 : Adversary in the Middle (AiTM)
Mapped TTPs:
T1557 : Adversary-in-the-Middle
Mapped ATT&CK TTPs
T1040 : Network Sniffing
Kill Chain: credential-access
T1185 : Browser Session Hijacking
Kill Chain: collection
T1557 : Adversary-in-the-Middle
Kill Chain: credential-access
Malware
APTs Threat Group Associations
Campaigns
ArcaneDoor
2015 Ukraine Electric Power Attack
Affected Products
cpe:2.3:o:ui:edgemax_edgerouter_firmware:*:*:*:*:*:*:*:*
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me