Ubiquiti UniFi Network Application

CPE Details

Ubiquiti UniFi Network Application
ui
unifi_network_application
-
2024-12-12
18h06 +00:00
2024-12-12
18h06 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ui:unifi_network_application:-:*:*:*:*:*:*:*

Informations

Vendor

ui

Product

unifi_network_application

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-42025 2024-09-13 15h47 +00:00 A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device.
7.8
High
CVE-2023-41721 2023-10-25 00h24 +00:00 Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176. and earlier, implement device adoption with improper access control logic, creating a risk of access to device configuration information by a malicious actor with preexisting access to the network. Affected Products: UDM UDM-PRO UDM-SE UDR UDW Mitigation: Update UniFi Network to Version 7.5.187 or later.
5.3
Medium
CVE-2023-32000 2023-07-07 23h07 +00:00 A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page.
4.8
Medium
CVE-2023-28365 2023-06-30 23h40 +00:00 A backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored.
9.1
Critical