CVE-2021-33820

HIGH

UniFi Protect G3 FLEX Camera <UVC.v4.30.0.67 - DoS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-33820. PoCs published by Jian-Xian.

AI-analyzed exploit summary This repository provides a detailed technical writeup on CVE-2021-33820, a DoS vulnerability in UniFi Protect G3 FLEX Camera. It includes a description of the attack, demonstration screenshots, and references to tools like hping3 for exploitation.

Description

An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.

Exploits (1)

github WRITEUP 10 stars
by Jian-Xian · poc
https://github.com/Jian-Xian/CVE-POC/tree/master/CVE-2021-33820.md

This repository provides a detailed technical writeup on CVE-2021-33820, a DoS vulnerability in UniFi Protect G3 FLEX Camera. It includes a description of the attack, demonstration screenshots, and references to tools like hping3 for exploitation.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: UniFi Protect G3 FLEX Camera UVC.v4.30.0.67
No auth needed
Prerequisites: hping3 tool · network access to the target device
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory x_refsource_misc
https://linuxhint.com/hping3/

Scores

CVSS v3 7.5
EPSS 0.0193
EPSS Percentile 77.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published
Products (1)
ui/camera_g3_flex_firmware uvc.v4.30.0.67
Published Jun 18, 2021
Tracked Since Feb 18, 2026