Ubiquity, a maker of networking and video surveillance cameras, has fixed a bug that it claims allowed users to accidentally grant access to other customers’ accounts and private live video streams.
report appeared first On Reddit, some Customer received push notification You can view Ubiquiti account-related information and other customers’ private video streams on your phone. Another person said they logged into their Ubiquiti account, but I was presented with another customer’s account data.
One person on the Ubiquiti subreddit said, “When I log in, I feel like a different person.” Another user said he had “full access” to dozens of consoles that did not belong to him.
Ubiquiti is a cloud and technology company that manufactures routers, network switches, security and video surveillance equipment that can be controlled and operated remotely through a centralized cloud product.
in Subsequent posts to community forumsUbiquiti said it had “identified and addressed the cause of this issue,” and the company attributed the issue to an upgrade to its cloud infrastructure.
“We have observed a small number of instances where users received push notifications on their mobile devices that appeared to come from an unknown console, or where such users were able to access a console that was not theirs,” Ubiquiti said. Unnamed employee.
The company announced that 1,216 accounts from one group were improperly associated with 1,177 accounts from another group, and the mixed access lasted approximately nine hours on December 13th.
Although this appears to be a misconfiguration rather than a criminal case, mistakes happen, and this is a reminder that Ubiquiti still retains broad access and control over its customers’ devices and data.
Source: techcrunch.com
