CVE-2016-7792

EUVD-2016-8642
Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
Affected Products (NVD)
VendorProductVersion
ubiquiti_networksunifi_ap_ac_lite_firmware
𝑥
≤ 5.2.7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/93270
https://packetstormsecurity.com/files/138928/Ubiquiti-UniFi-AP-AC-Lite-5.2.7-Improper-Access-Control.html
http://www.securityfocus.com/bid/93270
https://packetstormsecurity.com/files/138928/Ubiquiti-UniFi-AP-AC-Lite-5.2.7-Improper-Access-Control.html