76 matches found
EUVD-2020-29042
Malware in sbrugna...
EUVD-2020-29041
Malware in sbrugna...
EUVD-2014-2267
Malware in sbrugna...
EUVD-2020-29040
Malware in sbrugna...
EUVD-2019-6562
Malware in sbrugna...
EUVD-2019-15021
Malware in sbrugna...
EUVD-2016-7799
Malware in sbrugna...
EUVD-2020-17465
Malware in sbrugna...
CVE-2023-28361
A Cross-site WebSocket Hijacking CSWSH vulnerability found in UniFi OS 2.5 and earlier allows a malicious actor to access certain confidential information by persuading a UniFi OS user to visit a malicious webpage.Affected Products:Cloud Key Gen2Cloud Key Gen2 PlusUNVRUNVR ProfessionalUDMUDM...
CVE-2020-8146
In UniFi Video v3.10.1 for Windows 7/8/10 x64 there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsExport folder when the controller is running on Windows and adjusting the SafeDllSearchMode in the...
CVE-2020-8145
The UniFi Video Server Windows web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks. Low privileged users, belonging to the PUBLICGROUP or CUSTOMGROUP groups, can access these endpoints and overwrite the current...
CVE-2020-8144
The UniFi Video Server v3.9.3 and prior for Windows 7/8/10 x64 web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure they are within the intended destination directory tree. It accepts a request with a URL to firmware...
CVE-2019-15595
A privilege escalation exists in UniFi Video Controller =3.10.6 that would allow an attacker on the local machine to run arbitrary commands...
CVE-2019-5430
In UniFi Video 3.10.0 and prior, due to the lack of CSRF protection, it is possible to abuse the Web API to make changes on the server configuration without the user consent, requiring the attacker to lure an authenticated user to access on attacker controlled page...
The vulnerability of the executable file UniFiVideo.exe of the Ubiquiti UniFi Video software allows a intruder to execute arbitrary code.
The vulnerability of the UniFiVideo.exe executable file of the Ubiquiti UniFi Video surveillance device software is related to errors in the mechanism for checking pathfinding for dynamically attached libraries. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
CVE-2020-24755
In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in Windows 7 x64/Windows 10 x64...
CVE-2020-24755
In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in Windows 7 x64/Windows 10 x64...
Design/Logic Flaw
In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in Windows 7 x64/Windows 10 x64...
CVE-2020-24755
In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in Windows 7 x64/Windows 10 x64...
CVE-2020-24755
CVE-2020-24755 affects Ubiquiti UniFi Video v3.10.13. The vulnerability arises when the executable starts and uses the current directory for the first library validation, enabling impersonation and modification of a library to execute code on the system. Tested on Windows 7 x64 and Windows 10 x64...