A vulnerability found in UniFi Talk application V1.12.3 and earlier permits a malicious actor who has already gained access to a network to subsequently control Talk device(s) assigned to said network if they are not yet adopted. This vulnerability is fixed in UniFi Talk application V1.12.5 and later.
References
Link | Resource |
---|---|
https://community.ui.com/releases/Security-Advisory-Bulletin-020-020/8ce6a7e6-0cce-4814-8bbe-ee812cb94b1a | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2021-09-23T12:41:07
Updated: 2021-09-23T12:41:07
Reserved: 2021-01-06T00:00:00
Link: CVE-2021-22952
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-09-23T13:15:08.950
Modified: 2022-08-30T22:41:58.627
Link: CVE-2021-22952
JSON object: View
Redhat Information
No data.
CWE