Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ui unifi vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-8213
An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing.
Ui Unifi Protect
685
VMScore
CVE-2014-2225
Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller prior to 3.2.1 allow remote malicious users to hijack the authentication of administrators for requests that (1) create a new admin user via a request to api/add/admin; (2) have unspe...
Ui Airvision Controller
Ui Mfi Controller
Ui Unifi Controller
1 EDB exploit
445
VMScore
CVE-2020-8267
A security issue was found in UniFi Protect controller v1.14.10 and previous versions.The authentication in the UniFi Protect controller API was using “x-token” improperly, allowing malicious users to use the API to send authenticated messages without a valid token.Th...
Ui Unifi Protect Firmware
614
VMScore
CVE-2020-24755
In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in (Windows 7 x64/Windows 10 x64).
Ui Unifi Video 3.10.13
NA
CVE-2023-32000
A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and previous versions) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page.
Ui Unifi Network Application
543
VMScore
CVE-2021-44527
A vulnerability found in UniFi Switch firmware Version 5.43.35 and previous versions allows a malicious actor who has already gained access to the network to perform a Deny of Service (DoS) attack on the affected switch.This vulnerability is fixed in UniFi Switch firmware 5.76.6 ...
Ui Unifi Switch Firmware
668
VMScore
CVE-2021-44530
An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and previous versions (Log4J CVE-2021-44228) allows a malicious actor to control the application.
Ui Unifi Network Controller
725
VMScore
CVE-2016-6914
Ubiquiti UniFi Video prior to 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.
Ui Unifi Video
1 EDB exploit
NA
CVE-2023-38034
A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.53 and previous versions) All UniFi Switches (...
Ui Unifi Uap Firmware
Ui Unifi Switch Firmware
NA
CVE-2023-35085
An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.50 and previous versions...
Ui Unifi Uap Firmware
Ui Unifi Switch Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »