Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ui unifi network application vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-32000
A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and previous versions) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page.
Ui Unifi Network Application
668
VMScore
CVE-2021-44530
An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and previous versions (Log4J CVE-2021-44228) allows a malicious actor to control the application.
Ui Unifi Network Controller
739
VMScore
CVE-2021-22943
A vulnerability found in UniFi Protect application V1.18.1 and previous versions permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V...
Ui Unifi Protect
580
VMScore
CVE-2021-22952
A vulnerability found in UniFi Talk application V1.12.3 and previous versions permits a malicious actor who has already gained access to a network to subsequently control Talk device(s) assigned to said network if they are not yet adopted. This vulnerability is fixed in UniFi Tal...
Ui Unifi Talk
685
VMScore
CVE-2021-22944
A vulnerability found in UniFi Protect application V1.18.1 and previous versions allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V...
Ui Unifi Protect
NA
CVE-2023-31997
UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both (1) running UniFi OS 3.1 and (2) hosting the UniFi Network application. "Applicable Cloud Keys" inclu...
Ui Unifi Os 3.1
NA
CVE-2023-41721
Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176. and previous versions, implement device adoption with improper access control logic, creating a risk of access to device configuration information by a malicious act...
Ui Unifi Network Application
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started