Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

UniFi Protect <= 1.19.2 CORS Vulnerability

Information

Severity

Severity

High

Family

Family

Web application abuses

CVSSv2 Base

CVSSv2 Base

7.6

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

2 years ago

Modified

Modified

2 years ago

Summary

UniFi Protect is prone to a cross-origin resource sharing (CORS) vulnerability.

Insight

Insight

A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user's account.

Affected Software

Affected Software

UniFi Protect version 1.19.2 and prior.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Update to version 1.20.0 or later.

Common Vulnerabilities and Exposures (CVE)