Ubiquiti UniFi OS Server 安全漏洞

The Ubiquiti UniFi OS Server is a server platform developed by the Ubiquiti company, designed for managing UniFi networks and security devices. The Ubiquiti UniFi OS Server has a security vulnerability that stems from improper access control. This vulnerability could allow malicious individuals...

Ubiquiti UniFi OS Server 安全漏洞

The Ubiquiti UniFi OS Server is a server platform developed by the Ubiquiti company, designed for managing UniFi networks and security devices. The Ubiquiti UniFi OS Server has a security vulnerability, which stems from improper input validation. This vulnerability could allow malicious actors wi...

Ubiquiti UniFi OS Server 安全漏洞

The Ubiquiti UniFi OS Server is a server platform developed by the Ubiquiti company, designed for managing UniFi networks and security devices. The Ubiquiti UniFi OS Server has a security vulnerability that stems from path traversal attacks. This vulnerability could allow malicious actors with...

Ubiquiti UniFi Play PowerAmp和Ubiquiti UniFi Play Audio Port 安全漏洞

Both the Ubiquiti UniFi Play PowerAmp and the Ubiquiti UniFi Play Audio Port are products of the American company Ubiquiti. The Ubiquiti UniFi Play PowerAmp is a home audio control device that supports multi-room audio distribution and amplifier integration. The Ubiquiti UniFi Play Audio Port is ...

PT-2026-28262

Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...

Ubiquiti多款产品 加密问题漏洞

The Ubiquiti UniFi Network Controller and other products are all developed by the American company Ubiquiti. The Ubiquiti UniFi Network Controller is a control software platform for centralized management and monitoring of network devices. The Ubiquiti UniFi UAP consists of a series of wireless...

Ubiquiti UniFi Network Application 安全漏洞

The Ubiquiti UniFi Network Application is a centralized management and monitoring platform for network devices and wireless networks developed by the Ubiquiti company. The Ubiquiti UniFi Network Application has a security vulnerability, which stems from an authenticated NoSQL injection. Malicious...

Ubiquiti UniFi Network Application 安全漏洞

The Ubiquiti UniFi Network Application is a centralized management and monitoring platform for network devices and wireless networks developed by the Ubiquiti company. The Ubiquiti UniFi Network Application has a security vulnerability that stems from a susceptibility to path traversal attacks...

(Pwn2Own) Ubiquiti Networks AI Pro Discovery Protocol Missing Encryption Protocol Downgrade Vulnerability

This vulnerability allows network-adjacent attackers to downgrade the communication protocol on affected installations of Ubiquiti Networks AI Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the discovery protocol. The issue results from the lack...

(Pwn2Own) Ubiquiti Networks AI Pro Cleartext Transmission Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Ubiquiti Networks AI Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within device authentication. The issue results from continuing to...

(Pwn2Own) Ubiquiti Networks AI Pro Uncaught Exception Denial-of-Service Vulnerability

This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Ubiquiti Networks AI Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of WebSocket headers. The issue results fro...

Ubiquiti AirControl code injection vulnerability

Ubiquiti AirControl is a centralized network management platform developed by the American company Ubiquiti. Version 1.4.2 of Ubiquiti AirControl contains a code injection vulnerability. This vulnerability stems from Java expression injections present in.seam endpoints, which may allow unverified...

CVE-2018-12591

Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized element in an OS command due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admi...

CVE-2018-12590

Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an...

Ubiquiti多款产品 安全漏洞

Ubiquiti airFiber and others are products of Ubiquiti USA. ubiquiti airFiber is a point-to-point wireless platform. ubiquiti airMAX AC is an outdoor wireless broadband device. ubiquiti airMAX airFiber AF60-XG is an outdoor wireless broadband device. A security vulnerability exists in various...

Ubiquiti多款产品 安全漏洞

The Ubiquiti UBB-XG and Ubiquiti UDB-Pro are both wireless bridge devices from Ubiquiti, Inc. A security vulnerability exists in several Ubiquiti products, which stems from a problem with the airMAX wireless protocol that could lead to remote code execution. The following products and versions ar...

CVE-2019-16889

Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service disk consumption because .cache files in /var/run/beaker/containerfile/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The...

Ubiquiti UniFi Protect Application 安全漏洞

Ubiquiti UniFi Protect Application is a security application from Ubiquiti, Inc. A security vulnerability exists in Ubiquiti UniFi Protect Application version 6.1.79 and earlier, which stems from a flaw in the discovery protocol that could lead to unauthorized access...

Ubiquiti UCRM Argentina AFIP invoices Plugin 安全漏洞

Ubiquiti UCRM Argentina AFIP invoices Plugin is an extension plugin from Ubiquiti USA. A security vulnerability exists in Ubiquiti UCRM Argentina AFIP invoices Plugin version 1.2.0 and earlier, which stems from the presence of cross-site scripting that could lead to elevation of privilege...

Ubiquiti EV Station Lite 安全漏洞

Ubiquiti EV Station Lite is a series of smart electric vehicle charging stations from Ubiquiti USA. A security vulnerability exists in Ubiquiti EV Station Lite v1.5.2 and prior versions, which stems from improper access control and could allow a malicious actor to exploit the WiFi AutoLink featur...