ubiquiti vulnerabilities and exploits
6.8
CVSSv2
CVE-2014-2225
Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller prior to 3.2.1 allow remote malicious users to hijack the authentication of administrators for requests that (1) create a new admin user via a request to api/add/admin; (2) have unspe...
Ui Unifi Controller
Ui Airvision Controller
Ui Mfi Controller
1 EDB exploit
7.8
CVSSv2
CVE-2019-16889
Ubiquiti EdgeMAX devices prior to 2.0.3 allow remote malicious users to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cook...
Ui Er-x Firmware
Ui Er-x-sfp Firmware
Ui Ep-r6 Firmware
Ui Erlite-3 Firmware
Ui Erpoe-5 Firmware
Ui Er-8 Firmware
Ui Erpro-8 Firmware
Ui Ep-r8 Firmware
Ui Er-4 Firmware
Ui Er-6p Firmware
Ui Er-12 Firmware
Ui Er-8-xg Firmware
2 Github repositories
5
CVSSv2
CVE-2010-5330
On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, an...
Ui Airos
4.3
CVSSv2
CVE-2018-5264
Ubiquiti UniFi 52 devices, when Hotspot mode is used, allow remote malicious users to bypass intended restrictions on "free time" Wi-Fi usage by sending a /guest/s/default/ request to obtain a cookie, and then using this cookie in a /guest/s/default/login request with t...
Ui Unifi Firmware -
6.5
CVSSv2
CVE-2018-5265
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote malicious users to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips'...
Ui Edgeos 1.9.1
7.8
CVSSv2
CVE-2019-12727
On Ubiquiti airCam 3.1.4 devices, a Denial of Service vulnerability exists in the RTSP Service provided by the ubnt-streamer binary. The issue can be triggered via malformed RTSP requests that lead to an invalid memory read. To exploit the vulnerability, an attacker must craft an...
Ui Aircam Firmware 3.1.4
9
CVSSv2
CVE-2019-5425
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface, bypassing the CLI interface, which allows them to escalate privileges to root.
Ui Edgeswitch X
9
CVSSv2
CVE-2019-5424
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows shell commands to be executed as the root user.
Ui Edgeswitch X
5.8
CVSSv2
CVE-2019-5426
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwarding" (SOCKS proxy) functionalities. Remote attackers without credentials can exploit this bug to access local services or f...
Ui Edgeswitch X
10
CVSSv2
CVE-2015-9266
The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated malicious user to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain roo...
Ui Airmax Ac Firmware 7.1.3
Ui Airmax M Xm Firmware
Ui Airmax M Xw Firmware
Ui Airmax M Ti Firmware
Ui Airgateway Firmware
Ui Airfiber Af24 Firmware
Ui Airfiber Af24hd Firmware
Ui Af5x Firmware
Ui Af5 Firmware
Ubnt Airos 4 Xs2
Ubnt Airos 4 Xs5
Ubnt Edgeswitch Xp Firmware
1 EDB exploit