Ubiquiti Networks: UniFi Video Server - Arbitrary file upload as SYSTEM

ID H1:129641
Type hackerone
Reporter hamlon
Modified 2018-11-07T11:47:19


In UniFi Video Server prior to 3.3.0, due to lack of filename verification, it was possible to upload files to arbitrary locations using a especially crafted HTTP request. The exploit require valid credentials and is only exploitable in the Windows version.