Ubiquiti airCam 3.1.4 RTSP Service Denial of Service Vulnerability

Ubiquiti airCam 3.1.4 RTSP Service Denial of Service Vulnerability

CVE-2019-12727 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

On Ubiquiti airCam 3.1.4 devices, a Denial of Service vulnerability exists in the RTSP Service provided by the ubnt-streamer binary. The issue can be triggered via malformed RTSP requests that lead to an invalid memory read. To exploit the vulnerability, an attacker must craft an RTSP request with a large number of headers.

Learn more about our Web Application Penetration Testing UK.