Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Cross-site WebSocket Hijacking (CSWSH) vulnerability found in UniFi OS 2.5 and earlier allows a malicious actor to access certain confidential information by persuading a UniFi OS user to visit a malicious webpage.Affected Products:Cloud Key Gen2Cloud Key Gen2 PlusUNVRUNVR ProfessionalUDMUDM ProfessionalUDM SEUDRMitigation:Update affected products to UniFi OS 3.0.13 or later.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Ubiquiti UniFi Cloud Key 跨站请求伪造漏洞
Vulnerability Description
Ubiquiti UniFi Cloud Key是美国优比快(Ubiquiti)公司的一款支持管理UniFi网络的秘钥设备。 Ubiquiti UniFi Cloud Key UniFi OS 2.5及之前版本存在安全漏洞,该漏洞源于允许恶意行为者通过诱使 UniFi OS 用户访问恶意网页来访问某些机密信息, 以下产品和版本受到影响:Cloud Key Gen2、 Cloud Key Gen2 Plus、UNVR、UNVR Professional、UDM、UDM Professional、UDM SE
CVSS Information
N/A
Vulnerability Type
N/A