Search criteria
4 vulnerabilities found for camera_g3_flex_firmware by ui
CVE-2021-33820 (GCVE-0-2021-33820)
Vulnerability from nvd – Published: 2021-06-18 18:32 – Updated: 2024-08-03 23:58
VLAI?
Summary
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:23.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://linuxhint.com/hping3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service\u0027s resource exhausted. Then the web server is denial-of-service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-18T18:32:04.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://linuxhint.com/hping3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service\u0027s resource exhausted. Then the web server is denial-of-service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera",
"refsource": "MISC",
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"name": "https://linuxhint.com/hping3/",
"refsource": "MISC",
"url": "https://linuxhint.com/hping3/"
},
{
"name": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md",
"refsource": "MISC",
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33820",
"datePublished": "2021-06-18T18:32:04.000Z",
"dateReserved": "2021-06-03T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:58:23.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33818 (GCVE-0-2021-33818)
Vulnerability from nvd – Published: 2021-06-18 18:38 – Updated: 2024-08-03 23:58
VLAI?
Summary
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:23.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shekyan/slowhttptest"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-18T18:38:03.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shekyan/slowhttptest"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33818",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/shekyan/slowhttptest",
"refsource": "MISC",
"url": "https://github.com/shekyan/slowhttptest"
},
{
"name": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera",
"refsource": "MISC",
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"name": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md",
"refsource": "MISC",
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33818",
"datePublished": "2021-06-18T18:38:03.000Z",
"dateReserved": "2021-06-03T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:58:23.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33818 (GCVE-0-2021-33818)
Vulnerability from cvelistv5 – Published: 2021-06-18 18:38 – Updated: 2024-08-03 23:58
VLAI?
Summary
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:23.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shekyan/slowhttptest"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-18T18:38:03.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shekyan/slowhttptest"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33818",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/shekyan/slowhttptest",
"refsource": "MISC",
"url": "https://github.com/shekyan/slowhttptest"
},
{
"name": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera",
"refsource": "MISC",
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"name": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md",
"refsource": "MISC",
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33818",
"datePublished": "2021-06-18T18:38:03.000Z",
"dateReserved": "2021-06-03T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:58:23.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33820 (GCVE-0-2021-33820)
Vulnerability from cvelistv5 – Published: 2021-06-18 18:32 – Updated: 2024-08-03 23:58
VLAI?
Summary
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:23.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://linuxhint.com/hping3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service\u0027s resource exhausted. Then the web server is denial-of-service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-18T18:32:04.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://linuxhint.com/hping3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service\u0027s resource exhausted. Then the web server is denial-of-service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera",
"refsource": "MISC",
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"name": "https://linuxhint.com/hping3/",
"refsource": "MISC",
"url": "https://linuxhint.com/hping3/"
},
{
"name": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md",
"refsource": "MISC",
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33820",
"datePublished": "2021-06-18T18:32:04.000Z",
"dateReserved": "2021-06-03T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:58:23.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}