Public Ubiquiti Networks bug reports.

Team Bounty Title
Ubiquiti Networks - CRLF Injection on openvpn.svc.ubnt.com
Ubiquiti Networks $100 HTML Injection on airlink.ubnt.com
Ubiquiti Networks $100 Expired SSL certificate
Ubiquiti Networks - 200 http code in 403 forbidden directories on main Ubnt.com domain
Ubiquiti Networks $150 XSS
Ubiquiti Networks $500 [dev-unifi-go.ubnt.com] Insecure CORS, Stealing Cookies
Ubiquiti Networks $6,000 Ability to log in as any user without authentication if █████████ is empty
Ubiquiti Networks - XSS via SVG file
Ubiquiti Networks - Subdomain takeover on https://cloudfront.ubnt.com/ due to non-used CloudFront DNS entry
Ubiquiti Networks $100 Reflected cross-site scripting (XSS) vulnerability in scores.ubnt.com allows attackers to inject arbitrary web script via p parameter.
Ubiquiti Networks $1,000 sqli
Ubiquiti Networks - Weak credentials for nutty.ubnt.com
Ubiquiti Networks $150 AirFibre products vulnerable to HTTP Header injection
Ubiquiti Networks - Content Spoofing or Text Injection in (403 forbidden page injection) and Nginx version disclosure via response header
Ubiquiti Networks $600 Wordpress directories/files visible to internet
Ubiquiti Networks $150 Can upload files without authentication on AirFibre 3.2
Ubiquiti Networks $100 [nutty.ubnt.com] DOM Based XSS nuttyapp github-btn.html
Ubiquiti Networks $2,000 [EdgeSwitch] Web GUI command injection as root with Privilege-1 and Privilege-15 users
Ubiquiti Networks $500 Subdomain Takeover (moderator.ubnt.com)
Ubiquiti Networks $500 Stored XSS in community.ubnt.com
Ubiquiti Networks $500 Authentication bypass on sso.ubnt.com via subdomain takeover of ping.ubnt.com
Ubiquiti Networks $150 [scores.ubnt.com] DOM based XSS at form.html
Ubiquiti Networks $500 IDOR Causing Deletion of any account
Ubiquiti Networks $185 Reflected Xss in AirMax [Nanostation Loco M2]
Ubiquiti Networks $1,000 Subdomain takeover on partners.ubnt.com due to non-used CloudFront DNS entry
Ubiquiti Networks $150 [account-global.ubnt.com] CRLF Injection
Ubiquiti Networks $125 Stored XSS in unifi.ubnt.com
Ubiquiti Networks $260 Open Redirect in unifi.ubnt.com [Controller Finder]
Ubiquiti Networks $2,750 Read-Only user can execute arbitraty shell commands on AirOS
Ubiquiti Networks $1,000 Source code disclosure on https://107.23.69.180
Ubiquiti Networks $275 Reflected XSS in scores.ubnt.com
Ubiquiti Networks $1,500 Read-Only user can execute arbitraty shell commands on AirOS
Ubiquiti Networks $1,300 Shell Injection via Web Management Console (dl-fw.cgi)
Ubiquiti Networks $1,500 Read-Only user can execute arbitraty shell commands on AirOS
Ubiquiti Networks $1,000 Auth bypass on directory.corp.ubnt.com
Ubiquiti Networks $500 Subdomain Takeover in http://assets.goubiquiti.com/
Ubiquiti Networks $150 Reflected File Download in community.ubnt.com/restapi/
Ubiquiti Networks $200 account.ubnt.com CSRF
Ubiquiti Networks $500 Yet another Buffer Overflow in PHP of the AirMax Products
Ubiquiti Networks $500 Other Buffer Overflow in PHP of the AirMax Products
Ubiquiti Networks $250 Buffer Overflow in PHP of the AirMax Products
Ubiquiti Networks $18,000 Arbritrary file Upload on AirMax
Ubiquiti Networks $500 UniFi v3.2.10 Cross-Site Request Forgeries / Referer-Check Bypass
Ubiquiti Networks $500 CSRF in login form would led to account takeover