VYPR

Unifi

by Unify

CVEs (3)

  • CVE-2013-3572MedDec 31, 2013
    risk 0.40cvss 6.1epss 0.02

    Cross-site scripting (XSS) vulnerability in the administer interface in the UniFi Controller in Ubiquiti Networks UniFi 2.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted client hostname.

  • CVE-2023-28361May 11, 2023
    risk 0.00cvss epss 0.00

    A Cross-site WebSocket Hijacking (CSWSH) vulnerability found in UniFi OS 2.5 and earlier allows a malicious actor to access certain confidential information by persuading a UniFi OS user to visit a malicious webpage.Affected Products:Cloud Key Gen2Cloud Key Gen2 PlusUNVRUNVR…

  • CVE-2019-5456Jul 30, 2019
    risk 0.00cvss epss 0.01

    SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.