All CosmicBytez Labs articles tagged #Ubiquiti, across news, security advisories, how-to guides, and projects.
A maximum-severity command injection vulnerability in Ubiquiti's UniFi Connect Application allows any network-accessible attacker to execute arbitrary OS...
Multiple authenticated SQL injection vulnerabilities in Ubiquiti's UniFi Talk Application can be chained to escalate privileges to host-level access on...
An improper input validation flaw in Ubiquiti's UniFi Access Application enables low-privileged network attackers to inject OS commands and execute...
A critical improper access control vulnerability in Ubiquiti's UniFi Access Application enables high-privileged network attackers to further escalate...
A critical CVSS 9.9 privilege escalation vulnerability in Ubiquiti UniFi OS allows a low-privileged network attacker to escalate privileges within UniFi...
A critical CVSS 9.9 command injection vulnerability in Ubiquiti UniFi OS allows a low-privileged network attacker to execute arbitrary commands within...
Ubiquiti has released security updates fixing three CVSS 10.0 vulnerabilities in UniFi OS that allow unauthenticated remote attackers to fully compromise...
A CVSS 9.1 command injection vulnerability in UniFi OS devices allows a network-adjacent attacker with high privileges to execute arbitrary commands on...
A CVSS 10.0 improper access control flaw in UniFi OS allows any network-accessible attacker to make unauthorized changes to the underlying system with no...
A CVSS 10.0 path traversal vulnerability in UniFi OS allows an unauthenticated network attacker to read arbitrary files, including sensitive account files...
A CVSS 10.0 command injection vulnerability in UniFi OS allows any network-accessible attacker with no credentials to execute arbitrary OS commands,...