Ubiquiti Resolves Vulnerability Exposing Private Video Streams to Fellow Customers

Ubiquity, the networking and video surveillance camera maker, has fixed a bug that users say mistakenly allowed them access to the accounts and private live video streams of other customers. Reports first emerged on Reddit that some customers received push notifications on their phones featuring Ubiquiti account-related information and private video streams belonging to other customers. Another person said they logged into their Ubiquiti account but were presented with the account data of another customer. “I logged in and I seem to be someone else,” said one person on the Ubiquiti subreddit. Ubiquiti is a cloud and technology company that makes routers, network switches, security and video surveillance gear, which can be remotely controlled and operated through its centralized cloud offering.

Ubiquity, the renowned producer of networking and video surveillance cameras, has successfully resolved a glitch that unintentionally granted users entrance into the accounts and private live video feeds of fellow customers.

“I logged in and I seem to be someone else,” said one person on the Ubiquiti subreddit. Another said they had “full access” to dozens of consoles that were not their own.

According to initial reports on Reddit, certain individuals received push notifications on their mobile devices containing confidential account information and personal video streams belonging to other users. Furthermore, some users logged into their Ubiquiti accounts only to discover the account details of a different customer presented to them.

Ubiquiti is a company that specializes in cloud technology and produces a vast range of products, spanning from routers and network switches to security and video surveillance equipment. Its centralized cloud service allows users to remotely maneuver and operate these products.

The company elaborated on the issue in a subsequent post on its community forum, stating that the cause of the problem has been “identified and addressed”. According to an anonymous Ubiquiti employee, the root of the issue can be attributed to an upgrade in their cloud infrastructure.

They explained, “We were made aware of a small number of instances where users received push notifications on their mobile devices that appeared to come from unknown consoles, or where such users were able to access consoles that didn’t appear to be their own.”

Ubiquiti reported that 1,216 accounts from one group were incorrectly associated with another group of 1,177 accounts. The unauthorized access was active for a duration of nine hours on December 13.

Although this incident seems to be a technical error rather than a malicious attack, it serves as a reminder that Ubiquiti maintains significant access and control over the devices and data of its customers.

Avatar photo
Kira Kim

Kira Kim is a science journalist with a background in biology and a passion for environmental issues. She is known for her clear and concise writing, as well as her ability to bring complex scientific concepts to life for a general audience.

Articles: 867

Leave a Reply

Your email address will not be published. Required fields are marked *