Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ui unifi network application vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-32000
A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and previous versions) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page.
Ui Unifi Network Application
7.5
CVSSv2
CVE-2021-44530
An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and previous versions (Log4J CVE-2021-44228) allows a malicious actor to control the application.
Ui Unifi Network Controller
8.3
CVSSv2
CVE-2021-22943
A vulnerability found in UniFi Protect application V1.18.1 and previous versions permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V...
Ui Unifi Protect
6.5
CVSSv2
CVE-2021-22952
A vulnerability found in UniFi Talk application V1.12.3 and previous versions permits a malicious actor who has already gained access to a network to subsequently control Talk device(s) assigned to said network if they are not yet adopted. This vulnerability is fixed in UniFi Tal...
Ui Unifi Talk
7.7
CVSSv2
CVE-2021-22944
A vulnerability found in UniFi Protect application V1.18.1 and previous versions allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V...
Ui Unifi Protect
NA
CVE-2023-31997
UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both (1) running UniFi OS 3.1 and (2) hosting the UniFi Network application. "Applicable Cloud Keys" inclu...
Ui Unifi Os 3.1
NA
CVE-2023-41721
Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176. and previous versions, implement device adoption with improper access control logic, creating a risk of access to device configuration information by a malicious act...
Ui Unifi Network Application
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started