RSS   Vulnerabilities for 'Unifi video'   RSS

2017-12-27
 
CVE-2016-6914

CWE-275
 
 
Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.

 
2014-07-25
 
CVE-2014-2227

CWE-264
 
 
The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.

 

 >>> Vendor: UBNT 10 Products
Aircam
Aircam dome
Aircam mini
Airvision firmware
Unifi
Unifi video
Unifi controller
Edgeos
Edgeswitch firmware
Airmax ac firmware

Copyright 2024, cxsecurity.com

 

Back to Top