CVE-2016-7792

HIGH

Ubiquiti Networks UniFi AP AC Lite Firmware < 5.2.7 - Unauthenticated Database Modification via Direct Connection

Title source: llm
STIX 2.1

Description

Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/93270

Scores

CVSS v3 8.8
EPSS 0.0301
EPSS Percentile 85.8%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-284
Status published
Products (1)
ubiquiti_networks/unifi_ap_ac_lite_firmware < 5.2.7
Published Jan 23, 2017
Tracked Since Feb 18, 2026