Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities found for camera_g3_flex_firmware by ui
CVE-2021-33818 (GCVE-0-2021-33818)
Vulnerability from cvelistv5 – Published: 2021-06-18 18:38 – Updated: 2024-08-03 23:58
VLAI
Summary
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/shekyan/slowhttptest | x_refsource_MISC |
| https://store.ui.com/collections/unifi-protect-ca… | x_refsource_MISC |
| https://github.com/Jian-Xian/CVE-POC/blob/master/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:23.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shekyan/slowhttptest"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-18T18:38:03.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shekyan/slowhttptest"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33818",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/shekyan/slowhttptest",
"refsource": "MISC",
"url": "https://github.com/shekyan/slowhttptest"
},
{
"name": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera",
"refsource": "MISC",
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"name": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md",
"refsource": "MISC",
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33818",
"datePublished": "2021-06-18T18:38:03.000Z",
"dateReserved": "2021-06-03T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:58:23.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33820 (GCVE-0-2021-33820)
Vulnerability from cvelistv5 – Published: 2021-06-18 18:32 – Updated: 2024-08-03 23:58
VLAI
Summary
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://store.ui.com/collections/unifi-protect-ca… | x_refsource_MISC |
| https://linuxhint.com/hping3/ | x_refsource_MISC |
| https://github.com/Jian-Xian/CVE-POC/blob/master/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:23.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://linuxhint.com/hping3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service\u0027s resource exhausted. Then the web server is denial-of-service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-18T18:32:04.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://linuxhint.com/hping3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service\u0027s resource exhausted. Then the web server is denial-of-service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera",
"refsource": "MISC",
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"name": "https://linuxhint.com/hping3/",
"refsource": "MISC",
"url": "https://linuxhint.com/hping3/"
},
{
"name": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md",
"refsource": "MISC",
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33820",
"datePublished": "2021-06-18T18:32:04.000Z",
"dateReserved": "2021-06-03T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:58:23.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33818 (GCVE-0-2021-33818)
Vulnerability from nvd – Published: 2021-06-18 18:38 – Updated: 2024-08-03 23:58
VLAI
Summary
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/shekyan/slowhttptest | x_refsource_MISC |
| https://store.ui.com/collections/unifi-protect-ca… | x_refsource_MISC |
| https://github.com/Jian-Xian/CVE-POC/blob/master/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:23.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shekyan/slowhttptest"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-18T18:38:03.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shekyan/slowhttptest"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33818",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/shekyan/slowhttptest",
"refsource": "MISC",
"url": "https://github.com/shekyan/slowhttptest"
},
{
"name": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera",
"refsource": "MISC",
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"name": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md",
"refsource": "MISC",
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33818",
"datePublished": "2021-06-18T18:38:03.000Z",
"dateReserved": "2021-06-03T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:58:23.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33820 (GCVE-0-2021-33820)
Vulnerability from nvd – Published: 2021-06-18 18:32 – Updated: 2024-08-03 23:58
VLAI
Summary
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://store.ui.com/collections/unifi-protect-ca… | x_refsource_MISC |
| https://linuxhint.com/hping3/ | x_refsource_MISC |
| https://github.com/Jian-Xian/CVE-POC/blob/master/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:23.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://linuxhint.com/hping3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service\u0027s resource exhausted. Then the web server is denial-of-service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-18T18:32:04.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://linuxhint.com/hping3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service\u0027s resource exhausted. Then the web server is denial-of-service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera",
"refsource": "MISC",
"url": "https://store.ui.com/collections/unifi-protect-cameras/products/unifi-video-g3-flex-camera"
},
{
"name": "https://linuxhint.com/hping3/",
"refsource": "MISC",
"url": "https://linuxhint.com/hping3/"
},
{
"name": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md",
"refsource": "MISC",
"url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33820",
"datePublished": "2021-06-18T18:32:04.000Z",
"dateReserved": "2021-06-03T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:58:23.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}