RSS   Podatności dla 'UCRM'   RSS

2018-07-03
 
CVE-2017-0912

CWE-79
 

 
Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling".

 

 >>> Vendor: UI 15 Produkty
Edgeswitch x
Unifi video
Aircam firmware
Edgeos
Aircam
Aircam dome
Aircam mini
Airvision firmware
Unifi
Unifi controller
Unifi firmware
UCRM
Edgeswitch
Airvision controller
Mfi controller


Copyright 2020, cxsecurity.com

 

Back to Top