Filtered by vendor Ui Subscriptions
Total 83 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-5456 1 Ui 1 Unifi Controller 2024-11-21 8.1 High
SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.
CVE-2019-5446 1 Ui 12 Edgeswitch Firmware, Ep-s16., Es-12f and 9 more 2024-11-21 7.2 High
Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as root.
CVE-2019-5445 1 Ui 12 Edgeswitch Firmware, Ep-s16., Es-12f and 9 more 2024-11-21 4.9 Medium
DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted commands.
CVE-2019-5430 1 Ui 1 Unifi Video 2024-11-21 N/A
In UniFi Video 3.10.0 and prior, due to the lack of CSRF protection, it is possible to abuse the Web API to make changes on the server configuration without the user consent, requiring the attacker to lure an authenticated user to access on attacker controlled page.
CVE-2019-5426 1 Ui 1 Edgeswitch X 2024-11-21 4.8 Medium
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwarding" (SOCKS proxy) functionalities. Remote attackers without credentials can exploit this bug to access local services or forward traffic through the device if SSH is enabled in the system settings.
CVE-2019-5425 1 Ui 1 Edgeswitch X 2024-11-21 N/A
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate privileges to root.
CVE-2019-5424 1 Ui 1 Edgeswitch X 2024-11-21 8.8 High
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows to execute shell commands under the root user.
CVE-2019-16889 1 Ui 24 Ep-r6, Ep-r6 Firmware, Ep-r8 and 21 more 2024-11-21 7.5 High
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs.
CVE-2019-15595 1 Ui 1 Unifi Video Controller 2024-11-21 8.8 High
A privilege escalation exists in UniFi Video Controller =<3.10.6 that would allow an attacker on the local machine to run arbitrary commands.
CVE-2019-12727 1 Ui 2 Aircam, Aircam Firmware 2024-11-21 N/A
On Ubiquiti airCam 3.1.4 devices, a Denial of Service vulnerability exists in the RTSP Service provided by the ubnt-streamer binary. The issue can be triggered via malformed RTSP requests that lead to an invalid memory read. To exploit the vulnerability, an attacker must craft an RTSP request with a large number of headers.
CVE-2018-5265 1 Ui 2 Edgeos, Erlite-3 2024-11-21 N/A
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters.
CVE-2018-5264 1 Ui 2 Unifi 52, Unifi Firmware 2024-11-21 N/A
Ubiquiti UniFi 52 devices, when Hotspot mode is used, allow remote attackers to bypass intended restrictions on "free time" Wi-Fi usage by sending a /guest/s/default/ request to obtain a cookie, and then using this cookie in a /guest/s/default/login request with the byfree parameter.
CVE-2018-12590 1 Ui 2 Edgeswitch, Edgeswitch Firmware 2024-11-21 7.2 High
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary code.
CVE-2017-0938 1 Ui 4 Airmax Ac, Airos, Edgemax and 1 more 2024-11-21 7.5 High
Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and EdgeMAX < 1.9.7 allow attackers to use the Discovery Protocol in amplification attacks.
CVE-2017-0935 1 Ui 1 Edgeos 2024-11-21 8.8 High
Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate privileges to admin (root) access in the system.
CVE-2017-0912 1 Ui 1 Ucrm 2024-11-21 5.4 Medium
Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling".
CVE-2016-6914 2 Microsoft, Ui 2 Windows, Unifi Video 2024-11-21 7.8 High
Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.
CVE-2015-9266 2 Ubnt, Ui 23 Airos 4 Xs2, Airos 4 Xs5, Edgeswitch Xp Firmware and 20 more 2024-11-21 N/A
The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This vulnerability is fixed in the following product versions (fixes released in July 2015, all prior versions are affected): airMAX AC 7.1.3; airMAX M (and airRouter) 5.6.2 XM/XW/TI, 5.5.11 XM/TI, and 5.5.10u2 XW; airGateway 1.1.5; airFiber AF24/AF24HD 2.2.1, AF5x 3.0.2.1, and AF5 2.2.1; airOS 4 XS2/XS5 4.0.4; and EdgeSwitch XP (formerly TOUGHSwitch) 1.3.2.
CVE-2014-2227 1 Ui 1 Unifi Video 2024-11-21 N/A
The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.
CVE-2014-2226 1 Ui 1 Unifi Controller 2024-11-21 N/A
Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors.