VYPR

UniFi Video Controller

by Ubiquiti Inc

CVEs (3)

  • CVE-2020-8146HigApr 1, 2020
    risk 0.51cvss 7.8epss 0.01

    In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsExport folder when the controller is running on Windows and adjusting the…

  • CVE-2020-8145MedApr 1, 2020
    risk 0.42cvss 6.5epss 0.01

    The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks. Low privileged users, belonging to the PUBLIC_GROUP or CUSTOM_GROUP groups, can access these…

  • CVE-2014-2226Jul 29, 2014
    risk 0.00cvss epss 0.01

    Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors.