Описание
In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in (Windows 7 x64/Windows 10 x64).
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
EPSS
7.8 High
CVSS3
6.9 Medium
CVSS2
Дефекты
Связанные уязвимости
In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in (Windows 7 x64/Windows 10 x64).
Уязвимость исполняемого файла UniFiVideo.exe микропрограммного обеспечения устройств видеонаблюдения Ubiquiti UniFi Video, позволяющая нарушителю выполнить произвольный код
EPSS
7.8 High
CVSS3
6.9 Medium
CVSS2