3 matches found
Ubiquiti Inc.: 3x Reflected XSS vectors for services.cgi (XM.v6.1.6, build 32290)
There are certain end-points containing functionalities that are vulnerable to reflected cross site scripting XSS, allowing attackers to abuse the user' session information and/or account takeover of the admin user. Authenticated users can be persuaded to visit malicious web pages, which allows...
Ubiquiti Inc.: Security: Publicly accessible x.509 Public and Private Key of Ubiquiti Networks.
The researcher found two unused files on airOS firmware. These files were not used by any process and did not create any security threat, but it was decided to remove them to free some device memory...
Ubiquiti Network Gear Targeted By Worm
ISP equipment maker Ubiquiti Networks is fending off a stubborn worm targeting its networking equipment running outdated AirOS firmware. According to security experts, the worm is already being blamed for crippling networking gear in the Argentina, Brazil, Spain and the United States. Ubiquiti...