CVE-2020-8144

EPSS 0.26%
Published 01.04.2020 23:15:13
Last modified 21.11.2024 05:38:22
Source support@hackerone.com
Teams watchlist Login
Open Login

The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure they are within the intended destination directory tree. It accepts a request with a URL to firmware update information. If the version field contains ..\ character sequences, the destination file path to save the firmware can be manipulated to be outside the intended destination directory tree. Fixed in UniFi Video Controller v3.10.3 and newer.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Ui ≫ Unifi Video Version <= 3.9.3

Microsoft ≫ Windows Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.26%	0.495

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.4	1.7	6	CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
nvd@nist.gov	5.2	5.1	6.4	AV:A/AC:L/Au:S/C:P/I:P/A:P

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

https://community.ui.com/releases/Security-advisory-bulletin-006-006/3cf6264e-e0e6-4e26-a331-1d271f84673e

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-8144

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-8144

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-8144

EUVD