An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NUi Unifi Controller
HWUiwszystkie wersjeUi Unifi Controller Firmware
OSUi6.0.28Ui Unifi Meshing Access Point
HWUiwszystkie wersjeUi Unifi Meshing Access Point Firmware
OSUi4.3.21.11325
Related vulnerabilities
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subs...
Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller before 3.2.1 ...
SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= ...
Cross-site scripting (XSS) vulnerability in the administer interface in the UniFi Controller in Ubiquiti Netwo...
Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows ...