CVE-2021-33820

HIGH

UniFi Protect G3 FLEX Camera <UVC.v4.30.0.67 - DoS

Title source: llm

Description

An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.

Exploits (1)

github WRITEUP 10 stars

by Jian-Xian · poc

https://github.com/Jian-Xian/CVE-POC/tree/master/CVE-2021-33820.md

View Code ZIP pw:eip

References (3)

[Product, Vendor Advisory] https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera

[Third Party Advisory] https://linuxhint.com/hping3/

[Exploit, Third Party Advisory] https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md

View Exploit ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0056

EPSS Percentile 68.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (1)

ui/camera_g3_flex_firmware uvc.v4.30.0.67

Published Jun 18, 2021

Tracked Since Feb 18, 2026