Filtered by vendor Ubiquiti
Subscriptions
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-28365 | 3 Linux, Ubiquiti, Ui | 3 Linux Kernel, Unifi Network Application, Unifi Network Application | 2024-12-12 | 9.1 Critical |
A backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored. | ||||
CVE-2023-31997 | 2 Ubiquiti, Ui | 4 Unifi Os, Cloud Key Gen2, Cloud Key Gen2 Plus and 1 more | 2024-11-26 | 9.0 Critical |
UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both (1) running UniFi OS 3.1 and (2) hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen2 and Cloud Key Gen2 Plus. | ||||
CVE-2024-42028 | 1 Ubiquiti | 1 Unifi Network Application | 2024-10-29 | 8.8 High |
A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server. | ||||
CVE-2024-42025 | 2 Ubiquiti, Ui | 2 Unifi Network Application, Unifi Network Application | 2024-09-28 | 7.8 High |
A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device. | ||||
CVE-2024-44540 | 1 Ubiquiti | 1 Airmax Firmware | 2024-09-26 | 6.6 Medium |
Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain a privileged command shell via the UART Debugging Port. |
Page 1 of 1.