CVEs-PoC/2021/CVE-2021-22909.md

### [CVE-2021-22909](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22909)
![](https://img.shields.io/static/v1?label=Product&message=EdgeMAX%20EdgeRouter&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Fixed%20Version%3A%202.0.9-hotfix.1%20or%20later.%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Man-in-the-Middle%20(CWE-300)&color=brightgreen)

### Description

A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/redeltaglio/ubiquiti-configurator