Unrated severityNVD Advisory· Published May 11, 2023· Updated Jan 27, 2025
CVE-2023-28361
CVE-2023-28361
Description
A Cross-site WebSocket Hijacking (CSWSH) vulnerability found in UniFi OS 2.5 and earlier allows a malicious actor to access certain confidential information by persuading a UniFi OS user to visit a malicious webpage.Affected Products:Cloud Key Gen2Cloud Key Gen2 PlusUNVRUNVR ProfessionalUDMUDM ProfessionalUDM SEUDRMitigation:Update affected products to UniFi OS 3.0.13 or later.
Affected products
4- Range: <=2.5
- Range: <=2.5
- Range: <=2.5
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.