Vulnerabilities > CVE-2021-33820 - Unspecified vulnerability in UI Camera G3 Flex Firmware Uvc.V4.30.0.67

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

NVD

Published: 2021-06-18

Updated: 2022-07-12

Summary

An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.

Vulnerable Configurations

Part	Description	Count
OS	Ui UI Camera G3 Flex Firmware Uvc.V4.30.0.67	1
Hardware	Ui UI Camera G3 Flex -	1

References

https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera
https://linuxhint.com/hping3/
https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md