Ubiquiti airCam < 1.2.0 ubnt-streamer RTSP Service Remote Code Execution
High Nessus Plugin ID 72580
SynopsisThe remote device is affected by a remote code execution vulnerability.
DescriptionAccording to its self-reported version number, the firmware installed on the remote host is prior to 1.2.0. It is, therefore, affected by a remote code execution vulnerability in the 'ubnt-streamer' RTSP service when parsing an overly large URI of a RTSP request message. An attacker can exploit this issue to cause a denial of service or execute arbitrary code.
SolutionUpgrade to firmware version 1.2.0 or later.