URL has been copied successfully!
Critical UniFi OS RCE Chain Grants Root Access Without Credentials
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Critical UniFi OS RCE Chain Grants Root Access Without Credentials


Tags: , , , , , , , , , ,

Security Advisory Bulletin 064 describing a critical chain of vulnerabilities in UniFi OS Server that allows unauthenticated remote code execution and full root takeover. The issue combines an authentication-gateway bypass, a path-traversal mismatch, and a command-injection sink in the package-update service. When chained, these flaws let an attacker send a single crafted HTTP request to […] The post Critical UniFi OS RCE Chain Grants Root Access Without Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/unifi-os-rce-chain/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Top 12 ways hackers broke into your systems in 2024
  2. Frequently Asked Questions About Iranian Cyber Operations
  3. Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)
  4. Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure