3 matches found
CVE-2023-28361
A Cross-site WebSocket Hijacking CSWSH vulnerability found in UniFi OS 2.5 and earlier allows a malicious actor to access certain confidential information by persuading a UniFi OS user to visit a malicious webpage.Affected Products:Cloud Key Gen2Cloud Key Gen2 PlusUNVRUNVR ProfessionalUDMUDM...
CVE-2023-41721
Instances of UniFi Network Application that i are run on a UniFi Gateway Console, and ii are versions 7.5.176. and earlier, implement device adoption with improper access control logic, creating a risk of access to device configuration information by a malicious actor with preexisting access to t...
Ubiquiti UniFi Cloud Key 跨站请求伪造漏洞
Ubiquiti UniFi Cloud Key is a secret key device that supports management of UniFi networks from Ubiquiti, Inc. A security vulnerability exists in the Ubiquiti UniFi Cloud Key UniFi OS 2.5 and prior versions, which originated from a vulnerability that allows malicious actors to access certain...