In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in (Windows 7 x64/Windows 10 x64).
References
Link | Resource |
---|---|
https://www.youtube.com/watch?v=T41h4yeh9dk | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-05-17T21:06:37
Updated: 2021-05-17T21:06:37
Reserved: 2020-08-28T00:00:00
Link: CVE-2020-24755
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-05-17T22:15:07.493
Modified: 2021-05-24T17:48:35.257
Link: CVE-2020-24755
JSON object: View
Redhat Information
No data.
CWE