CVE-2020-8267
https://notcve.org/view.php?id=CVE-2020-8267
A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using “x-token” improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer. Se encontró un problema de seguridad en el controlador UniFi Protect versiones v1.14.10 y anteriores. La autenticación en la API del controlador UniFi Protect estaba usando "x-token" inapropiadamente, permitiendo a atacantes usar la API para enviar mensajes autenticados sin un token válido. Esta vulnerabilidad fue corregida en UniFi Protect versiones v1.14.11 y más recientes. Este problema no afecta a UniFi Cloud Key Gen 2 plus. • https://community.ui.com/releases/UniFi-Dream-Machine-Firmware-1-8-0/deabc255-a081-49ba-8f51-131f3a13000a https://community.ui.com/releases/UniFi-Protect-1-14-11/928e6fac-afeb-49c2-93a5-1b3066bf2bbf https://community.ui.com/releases/UniFi-Protect-NVR-Firmware-1-3-15/c2a783a6-c996-43d9-ab95-8c97ae05a98f • CWE-287: Improper Authentication •
CVE-2020-8188
https://notcve.org/view.php?id=CVE-2020-8188
We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges. Recientemente hemos publicado una nueva versión del firmware UniFi Protect versión v1.13.3 y v1.14.10 para Unifi Cloud Key Gen2 Plus y UniFi Dream Machine Pro/UNVR respectivamente, que corrige las vulnerabilidades encontradas en el firmware Protect versiones v1.13.2, v1.14.9 y anteriores, de acuerdo con la siguiente descripción: Visualiza solo usuarios que pueden ejecutar determinados comandos personalizados que les permiten asignarse a si mismos roles no autorizados y escalar sus privilegios • https://community.ui.com/releases/Security-advisory-bulletin-012-012/1bba9134-f888-4010-81c0-b0dd53b9bda4 https://community.ui.com/releases/UniFi-Protect-1-13-3/f4be7d35-93a3-422b-8eef-122e442c00ba https://community.ui.com/releases/UniFi-Protect-1-14-10/48a8dbdd-b872-47fa-bbde-1d24ddf5d5b5 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •