What the vulnerability does

01Description

SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.

Key dates

02Disclosure timeline

July 30, 2019 CVE published
August 4, 2024 Record updated