Ubiquiti UbiFi / mFi / AirVision - CSRF Vulnerability

Exploit for hardware platform in category web applications function sendCSRF var urlbase = "https://192.168.0.106:8443/api/add/admin" var postdata="%7B%22name%22%3A%22csrf%22%2C%22lang%22%3A%22enUS%22%2C%22xpassword%22%3A%22csrf%22%7D" var xmlhttp; xmlhttp = new XMLHttpRequest; xmlhttp.open"POST"...

Ubiquiti UbiFi / mFi / AirVision - CSRF Vulnerability

No description provided by source. Vendor Homepage: http://www.ubnt.com/ Tested on: Kali Linux ----------------------------------------- Affected Products/Versions: ----------------------------------------- UniFi Controller v2.4.6 mFi Controller v2.0.15 AirVision Controller v2.1.3 Note: Previous...

Ubiquiti UbiFi / mFi / AirVision - Cross-Site Request Forgery

Vendor Homepage: http://www.ubnt.com/ Tested on: Kali Linux ----------------------------------------- Affected Products/Versions: ----------------------------------------- UniFi Controller v2.4.6 mFi Controller v2.0.15 AirVision Controller v2.1.3 Note: Previous versions may be affected...

Ubiquiti UbiFi mFi AirVision - Cross-Site Request Forgery

Ubiquiti UbiFi mFi AirVision - Cross-Site Request Forgery Vendor Homepage: http://www.ubnt.com/ Tested on: Kali Linux ----------------------------------------- Affected Products/Versions: ----------------------------------------- UniFi Controller v2.4.6 mFi Controller v2.0.15 AirVision Controller...

Ubiquiti AirVision Controller 2.1.3 Weak Settings

----------- Vendor: ----------- Ubiquiti Networks http://www.ubnt.com/ ---------------------------------------------- Affected Products/Versions: ---------------------------------------------- AirVision Controller v2.1.3 Note: Previous versions may be affected ----------------- Description:...

CVE-2013-1606

Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT AirCam with airVision firmware before 1.1.6 allows remote attackers to execute arbitrary code via a long rtsp: URI in a DESCRIBE request...

Buffer overflow

Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT AirCam with airVision firmware before 1.1.6 allows remote attackers to execute arbitrary code via a long rtsp: URI in a DESCRIBE request...

CVE-2013-1606

CVE-2013-1606: Buffer overflow in Ubiquiti airCam ubnt-streamer RTSP service prior to firmware 1.1.6 (AirCam/airVision) allows remote code execution via a crafted long RTSP DESCRIBE URI. Affected devices include AirCam models (v1.1.5 confirmed; pre-1.1.6). Root cause: parsing of RTSP URI overflow...

CVE-2013-1606

Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT AirCam with airVision firmware before 1.1.6 allows remote attackers to execute arbitrary code via a long rtsp: URI in a DESCRIBE request...

airVision NVR path Parameter Traversal Arbitrary File Access

The remote web server hosts airVision NVR, an application used to remotely monitor IP cameras. The installed version of airVision NVR fails to properly sanitize user-supplied input to the 'path' parameter of the 'views/file.php' script. This could allow an unauthenticated, remote attacker to read...