Vulnerabilities > CVE-2021-22882 - Unspecified vulnerability in UI Unifi Protect Controller

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

NVD

Published: 2021-02-23

Updated: 2022-08-30

Summary

UniFi Protect before v1.17.1 allows an attacker to use spoofed cameras to perform a denial-of-service attack that may cause the UniFi Protect controller to crash.

Vulnerable Configurations

Part	Description	Count
Application	Ui UI Unifi Protect Controller *	1
Hardware	Ui UI Unifi Cloud KEY Plus - UI Unifi Dream Machine PRO - UI Unifi Network Video Recorder -	3

References

https://community.ui.com/releases/Security-advisory-bulletin-017-017/071141e5-bc2e-4b71-81f3-5e499316fcee
https://hackerone.com/reports/1008579