Ubiquiti UniFi 52 devices, when Hotspot mode is used, allow remote attackers to bypass intended restrictions on "free time" Wi-Fi usage by sending a /guest/s/default/ request to obtain a cookie, and then using this cookie in a /guest/s/default/login request with the byfree parameter.
References
Link | Resource |
---|---|
https://www.red4sec.com/cve/unifi.txt | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-06-07T15:26:24
Updated: 2019-06-07T15:26:24
Reserved: 2018-01-07T00:00:00
Link: CVE-2018-5264
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-06-07T16:29:00.500
Modified: 2019-06-11T13:44:46.273
Link: CVE-2018-5264
JSON object: View
Redhat Information
No data.
CWE