RSS   Vulnerabilities for 'Airvision controller'   RSS



Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller before 3.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create a new admin user via a request to api/add/admin; (2) have unspecified impact via a request to api/add/wlanconf; change the guest (3) password, (4) authentication method, or (5) restricted subnets via a request to api/set/setting/guest_access; (6) block, (7) unblock, or (8) reconnect users by MAC address via a request to api/cmd/stamgr; change the syslog (9) server or (10) port via a request to api/set/setting/rsyslogd; (11) have unspecified impact via a request to api/set/setting/smtp; change the syslog (12) server, (13) port, or (14) authentication settings via a request to api/cmd/cfgmgr; or (15) change the Unifi Controller name via a request to api/set/setting/identity.


 >>> Vendor: UI 20 Products
Edgeswitch x
Unifi video
Aircam firmware
Aircam dome
Aircam mini
Airvision firmware
Unifi controller
Unifi firmware
Airvision controller
Mfi controller
Cloud key gen2
Cloud key gen2 plus
Unifi protect
Unifi talk
Unifi switch firmware

Copyright 2024,


Back to Top