Vulnerabilities > UNI

DATE CVE VULNERABILITY TITLE RISK
2023-05-11 CVE-2023-28361 Cross-Site Request Forgery (CSRF) vulnerability in UNI Unifi OS
A Cross-site WebSocket Hijacking (CSWSH) vulnerability found in UniFi OS 2.5 and earlier allows a malicious actor to access certain confidential information by persuading a UniFi OS user to visit a malicious webpage.Affected Products:Cloud Key Gen2Cloud Key Gen2 PlusUNVRUNVR ProfessionalUDMUDM ProfessionalUDM SEUDRMitigation:Update affected products to UniFi OS 3.0.13 or later.
network
low complexity
uni CWE-352
6.5