CVE-2016-7792

Опубликовано: 23 янв. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 8.3

EPSS Низкий

Описание

Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it.

Ссылки

http://www.securityfocus.com/bid/93270
https://packetstormsecurity.com/files/138928/Ubiquiti-UniFi-AP-AC-Lite-5.2.7-Improper-Access-Control.html
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/93270
https://packetstormsecurity.com/files/138928/Ubiquiti-UniFi-AP-AC-Lite-5.2.7-Improper-Access-Control.html
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:ubiquiti_networks:unifi_ap_ac_lite_firmware:*:*:*:*:*:*:*:*

Версия до 5.2.7 (включая)

cpe:2.3:h:ubiquiti_networks:unifi_ap_ac_lite:-:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00671

Низкий

8.8 High

CVSS3

8.3 High

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-p2fx-5559-g9cr