CVE-2019-5456 — CVSS 8.1 (high): SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP…
CVE-2020-12695 — CVSS 7.5 (high): The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a…
CVE-2013-3572 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the administer interface in the UniFi Controller in Ubiquiti Networks UniFi 2.3.5 and earlier…
CVE-2014-2226 — CVSS 2.6 (low): Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers…