Filtered by vendor Ubiquiti Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-28365 3 Linux, Ubiquiti, Ui 3 Linux Kernel, Unifi Network Application, Unifi Network Application 2024-12-12 9.1 Critical
A backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored.
CVE-2023-31997 2 Ubiquiti, Ui 4 Unifi Os, Cloud Key Gen2, Cloud Key Gen2 Plus and 1 more 2024-11-26 9.0 Critical
UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both (1) running UniFi OS 3.1 and (2) hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen2 and Cloud Key Gen2 Plus.
CVE-2024-42028 1 Ubiquiti 1 Unifi Network Application 2024-10-29 8.8 High
A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server.
CVE-2024-42025 2 Ubiquiti, Ui 2 Unifi Network Application, Unifi Network Application 2024-09-28 7.8 High
A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device.
CVE-2024-44540 1 Ubiquiti 1 Airmax Firmware 2024-09-26 6.6 Medium
Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain a privileged command shell via the UART Debugging Port.