Unifi Video Controller Security Vulnerabilities and Issues — Unifi Video Controller CVE List

Lucene search

UiUnifi Video Controller

4 matches found

CVE•added 2020/04/01 11:15 p.m.•52 views

CVE-2020-8146

In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsExport folder when the controller is running on Windows and adjusting the SafeDllSearchMode in the wi...

7.8CVSS7.6AI score0.00051EPSS

CVE•added 2019/11/26 12:15 a.m.•48 views

CVE-2019-15595

A privilege escalation exists in UniFi Video Controller =

9.3CVSS8.6AI score0.0066EPSS

CVE•added 2020/04/01 11:15 p.m.•37 views

CVE-2020-8145

The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks. Low privileged users, belonging to the PUBLIC_GROUP or CUSTOM_GROUP groups, can access these endpoints and overwrite the current ...

6.5CVSS6.8AI score0.00231EPSS

CVE•added 2020/04/01 11:15 p.m.•36 views

CVE-2020-8144

The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure they are within the intended destination directory tree. It accepts a request with a URL to firmware ...

8.4CVSS8.3AI score0.00262EPSS