Pierluigi Paganini
December 14, 2023
Some users of Ubiquiti wifi products started reporting unexpected access to security camera footage, photos, and other devices upon logging into their accounts.
Ubiquiti allows its customers to access and manage their devices through a proprietary cloud-based UniFi platform.
The reports of anomalous behavior began yesterday when customers received notifications through UniFi Protect from the security cameras of other users.
The website 404Media also reported that one user gained access to 88 consoles from another user’s account, while attempting to log in to their own network.
“I recently logged into https://unifi.ui.com/consoles to gain access to my consoles as I do every day. However this time I was presented with 88 consoles from another account. I had full access to these consoles, just as I would my own. This was only stopped when I forced a browser refresh, and I was presented again with my consoles.” a user claimed on the Ubiquiti community.
Ubiquiti allows its customers to access and manage their devices through a proprietary cloud-based UniFi platform.
The reports of anomalous behavior began yesterday when customers received notifications through UniFi Protect from the security cameras of other users.
“I’m reaching out for some advice regarding a peculiar situation we encountered with UniFi Protect. Recently, my wife received a notification from UniFi Protect, which included an image from a security camera. However, here’s the twist – this camera doesn’t belong to us.” a user wrote on Reddit.
“To give you a bit more context, we have two security cameras set up through UniFi Protect, and they’ve been working flawlessly until now. But this notification was completely out of the blue and showed footage from an unfamiliar camera. What’s even more strange is that when my wife opened the Protect app immediately after receiving the notification, only our two cameras were listed, as usual. We’re a bit baffled by this and concerned about the implications for our network security. Has anyone here experienced anything similar? Could this be a glitch in the system, or should we be looking into a potential breach in our network.”
After refreshing the portal page, users reported seeing the devices linked to their accounts.
Ubiquiti is aware of the anomalous behavior, below is the statement published by the company’s account on the Reddit thread:
“This is not expected behavior. We reached out via Reddit Chat to gather more details and have our leads review immediately.”
The company told 404 Media that it is investigating the problem and will follow up with a statement shortly after its review is complete.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Ubiquiti)
