Unifi Protect
Monthly
UniFi Protect Application versions 6.1.79 and earlier suffer from a buffer overflow in the discovery protocol that allows adjacent network attackers to trigger denial of service by causing the application to restart. The vulnerability requires network proximity but no authentication or user interaction, making it exploitable by any attacker on the same network segment. Administrators should upgrade to version 6.2.72 or later to remediate this issue.
UniFi Protect Camera versions 6.1.79 and earlier contain an authentication bypass in their discovery protocol that allows adjacent network attackers to gain unauthorized access without credentials. An attacker on the local network can exploit this vulnerability to compromise camera systems and obtain full control. No patch is currently available, though updating to version 6.2.72 or later is recommended as mitigation.
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
UniFi Protect Application versions 6.1.79 and earlier suffer from a buffer overflow in the discovery protocol that allows adjacent network attackers to trigger denial of service by causing the application to restart. The vulnerability requires network proximity but no authentication or user interaction, making it exploitable by any attacker on the same network segment. Administrators should upgrade to version 6.2.72 or later to remediate this issue.
UniFi Protect Camera versions 6.1.79 and earlier contain an authentication bypass in their discovery protocol that allows adjacent network attackers to gain unauthorized access without credentials. An attacker on the local network can exploit this vulnerability to compromise camera systems and obtain full control. No patch is currently available, though updating to version 6.2.72 or later is recommended as mitigation.
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.