CVE-2023-31997

UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both 1 running UniFi OS 3.1 and 2 hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen...

CVE-2023-31997

UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both 1 running UniFi OS 3.1 and 2 hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen...

CVE-2023-31997

UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both 1 running UniFi OS 3.1 and 2 hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen...

Code injection

UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both 1 running UniFi OS 3.1 and 2 hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen...

CVE-2023-31997

CVE-2023-31997 concerns UniFi OS 3.1 where a misconfiguration in consoles running UniFi Network enables local-network users to access MongoDB on applicable Cloud Keys (Gen2 and Gen2 Plus) hosting UniFi Network. Impact described as local access to MongoDB; CVSS 3.1 base score 9.0 (Critical) with h...

CVE-2023-31997

UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both 1 running UniFi OS 3.1 and 2 hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen...

iPhone Springboard Malformed Character Crash

!/usr/bin/python iPhone Springboard crash PoC by Chase Higgins. Devices tested: iPhone 2G @ OS 3.1, iPhone 3GS @ 3.1.3 this script acts as webserver, and causes Safari, as well as Mail and Springboard to crash all these apps crash after running this exploit on the iPhone. Unable to debug any of...

iPhone Springboard - Malformed Character Crash (PoC)

!/usr/bin/python iPhone Springboard crash PoC by Chase Higgins. Devices tested: iPhone 2G @ OS 3.1, iPhone 3GS @ 3.1.3 this script acts as webserver, and causes Safari, as well as Mail and Springboard to crash all these apps crash after running this exploit on the iPhone. Unable to debug any of...

CVE-2009-2795

Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing."...

PT-2009-4655 · Apple · Ios +3

Name of the Vulnerable Software and Affected Versions: Apple iPhone OS versions prior to 3.1 Apple iPhone OS versions prior to 3.1.1 for iPod touch Description: The issue is related to multiple heap-based buffer overflows in the AudioCodecs library within the CoreAudio component. This can be...

CVE-2009-2199

Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs...