Vulnerability Description
Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it.
CVSS Score
8.8
HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubiquiti Networks | Unifi Ap Ac Lite Firmware | <= 5.2.7 |
| Ubiquiti Networks | Unifi Ap Ac Lite | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/93270
- https://packetstormsecurity.com/files/138928/Ubiquiti-UniFi-AP-AC-Lite-5.2.7-ImpExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/93270
- https://packetstormsecurity.com/files/138928/Ubiquiti-UniFi-AP-AC-Lite-5.2.7-ImpExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2016-7792?
CVE-2016-7792 is a vulnerability with a CVSS score of 8.8 (HIGH). Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it.
How severe is CVE-2016-7792?
CVE-2016-7792 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-7792?
Check the references section above for vendor advisories and patch information. Affected products include: Ubiquiti Networks Unifi Ap Ac Lite Firmware, Ubiquiti Networks Unifi Ap Ac Lite.