Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubiquiti vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2014-2227
The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) prior to 3.0.1 does not restrict access to the application, which allows remote malicious users to bypass the Same Origin Policy via a crafted SW...
Ui Unifi Video
1 EDB exploit
NA
CVE-2013-16063
Core Security Technologies Advisory - The Ubiquiti airCam RTSP service 'ubnt-streamer' has a buffer overflow when parsing the URI of a RTSP request message. This bug allows remote attackers to execute arbitrary code via RTSP request message.
725
VMScore
CVE-2016-6914
Ubiquiti UniFi Video prior to 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.
Ui Unifi Video
1 EDB exploit
231
VMScore
CVE-2014-2226
Ubiquiti UniFi Controller prior to 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle malicious users to obtain sensitive information via unspecified vectors.
Ui Unifi Controller
755
VMScore
CVE-2013-1606
Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT AirCam with airVision firmware prior to 1.1.6 allows remote malicious users to execute arbitrary code via a long rtsp: URI in a DESCRIBE request.
Ui Airvision Firmware
Ui Aircam Mini -
Ui Aircam Dome -
Ui Aircam -
1 EDB exploit
NA
CVE-2016-69142
Ubiquiti UniFi Video version 3.7.3 (Windows) suffers from a local privilege escalation vulnerability due to insecure directory permissions.
NA
CVE-2016-69142016
Ubiquiti UniFi Video version 3.7.3 (Windows) suffers from a local privilege escalation vulnerability due to insecure directory permissions.
739
VMScore
CVE-2016-7792
Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote malicious users to modify the database by directly connecting to it.
Ubiquiti Networks Unifi Ap Ac Lite Firmware
676
VMScore
CVE-2021-22909
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and previous versions could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later.
Ui Edgemax Edgerouter Firmware
1 Github repository
NA
CVE-2023-23912
A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and previous versions and UniFi Security Gateways (USG) Version 4.4.56 and previous versions with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to...
Ui Usg Firmware
Ui Usg-pro-4 Firmware
Ui Er-10x Firmware
Ui Er-10x Firmware 2.0.9
Ui Er-12 Firmware
Ui Er-12 Firmware 2.0.9
Ui Er-12p Firmware
Ui Er-12p Firmware 2.0.9
Ui Er-4 Firmware
Ui Er-4 Firmware 2.0.9
Ui Er-6p Firmware
Ui Er-6p Firmware 2.0.9
Ui Er-8-xg Firmware
Ui Er-8-xg Firmware 2.0.9
Ui Er-x Firmware
Ui Er-x Firmware 2.0.9
Ui Er-x-sfp Firmware
Ui Er-x-sfp Firmware 2.0.9
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »