
CVE-2025-24292
https://notcve.org/view.php?id=CVE-2025-24292
29 Jun 2025 — A misconfigured query in UniFi Network (v9.1.120 and earlier) could allow users to authenticate to Enterprise WiFi or the VPN Server (L2TP and OpenVPN) using a device's MAC address learned from 802.1X or MAC Authentication, if both services are enabled and share the same RADIUS profile. • https://community.ui.com/releases/Security-Advisory-Bulletin-049-049/7a019b27-6c77-4500-bec8-596cd87c9292 • CWE-287: Improper Authentication •
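The failure mode described for CVE-2025-24292 is a lookup against a shared identity store that does not take into account which service is asking. The following is an added illustration of that CWE-287 pattern, not Ubiquiti's code or the actual UniFi query: a single RADIUS profile holds both MAC-authentication entries (where, by a common MAB convention assumed here, the username and password are both the device MAC) and real user accounts, and the vulnerable check accepts any matching entry for any service. The entry layout, field names and the service identifiers are assumptions for the example.

```python
"""
Added example (not Ubiquiti code): a RADIUS-style credential lookup that
serves several services from one profile.  The vulnerable variant ignores
the requesting service, so a MAC address seen on the wire doubles as a
VPN / Enterprise WiFi credential; the fixed variant scopes the lookup.
"""
from dataclasses import dataclass, field
import hmac


@dataclass
class RadiusEntry:
    username: str
    password: str
    # Services this entry may satisfy.  A MAC-auth entry should only ever
    # satisfy MAC authentication, never a user-facing service.
    allowed_services: frozenset = field(default_factory=frozenset)


# Constructed sample profile shared by 802.1X/MAC auth, Enterprise WiFi
# and the VPN server (the situation the advisory describes).  For the
# MAC-auth entry the "secret" is the MAC itself, i.e. public knowledge
# to anyone on the same segment (assumed MAB convention).
PROFILE = [
    RadiusEntry("alice", "correct horse battery staple",
                frozenset({"enterprise-wifi", "vpn"})),
    RadiusEntry("aa:bb:cc:dd:ee:01", "aa:bb:cc:dd:ee:01",
                frozenset({"mac-auth"})),
]


def find_entry(username):
    for entry in PROFILE:
        if entry.username == username:
            return entry
    return None


def authenticate_vulnerable(username, password, service):
    """Lookup ignores the service: any entry in the shared profile wins."""
    entry = find_entry(username)
    return entry is not None and hmac.compare_digest(entry.password, password)


def authenticate_fixed(username, password, service):
    """Lookup is scoped to the service the NAS is authenticating for."""
    entry = find_entry(username)
    if entry is None or service not in entry.allowed_services:
        return False
    return hmac.compare_digest(entry.password, password)


if __name__ == "__main__":
    mac = "aa:bb:cc:dd:ee:01"
    print("vulnerable, VPN with MAC:", authenticate_vulnerable(mac, mac, "vpn"))
    print("fixed, VPN with MAC:     ", authenticate_fixed(mac, mac, "vpn"))
    print("fixed, MAC auth with MAC:", authenticate_fixed(mac, mac, "mac-auth"))
```

The operational takeaway is the same as the advisory's mitigation: until patched, do not point MAC authentication and user-facing services at one RADIUS profile, because the profile, not the service, becomes the trust boundary.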

CVE-2025-24290
https://notcve.org/view.php?id=CVE-2025-24290
29 Jun 2025 — Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (Version 2.4.206 and earlier) could allow a malicious actor with low privileges to escalate privileges. • https://community.ui.com/releases/Security-Advisory-Bulletin-048-048/af007d99-bb6d-4368-a12f-75e84de19e8d • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2025-24289
https://notcve.org/view.php?id=CVE-2025-24289
29 Jun 2025 — A Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in the UCRM Client Signup Plugin (v1.3.4 and earlier) could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default. • https://community.ui.com/releases/Security-Advisory-Bulletin-048-048/af007d99-bb6d-4368-a12f-75e84de19e8d • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2025-23123
https://notcve.org/view.php?id=CVE-2025-23123
19 May 2025 — A malicious actor with access to the management network could achieve remote code execution (RCE) by exploiting a heap buffer overflow in the UniFi Protect Cameras firmware (version 4.75.43 and earlier). • https://community.ui.com/releases/Security-Advisory-Bulletin-047-047/cef86c37-7421-44fd-b251-84e76475a5bc • CWE-122: Heap-based Buffer Overflow •

CVE-2025-23164
https://notcve.org/view.php?id=CVE-2025-23164
19 May 2025 — A misconfigured access token mechanism in the UniFi Protect Application (version 5.3.41 and earlier) could let the recipient of a "Share Livestream" link keep access to the corresponding livestream after the link has been disabled. • https://community.ui.com/releases/Security-Advisory-Bulletin-047-047/cef86c37-7421-44fd-b251-84e76475a5bc • CWE-284: Improper Access Control •
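CVE-2025-23164 is the classic bearer-token problem: a share link carries a token that stays valid on its own terms (signature, expiry) even after the operator disables the share. The following added example, which is not Ubiquiti's code and does not claim to mirror how UniFi Protect issues its links, shows a self-contained signed share token checked two ways: the vulnerable check trusts signature and expiry only, the fixed check also consults the server-side share record so that disabling the link revokes every token minted for it. The token format, the in-memory share table and the secret are assumptions for the example.

```python
"""
Added example (not Ubiquiti code): signed "share livestream" tokens.
allow_stream_vulnerable() accepts any token that is well-signed and
unexpired; allow_stream_fixed() additionally requires the share record
to still be enabled, so disabling the link revokes outstanding tokens.
"""
import base64
import hashlib
import hmac
import json
import time

SECRET = b"example-server-secret"   # constructed; a real server keeps this out of source

# share_id -> {"camera": <camera id>, "enabled": bool}; constructed in-memory state
shares = {}


def create_share(share_id, camera, ttl=3600, now=None):
    """Register a share and mint a token: b64(payload).b64(HMAC-SHA256)."""
    now = time.time() if now is None else now
    shares[share_id] = {"camera": camera, "enabled": True}
    payload = json.dumps({"sid": share_id, "cam": camera, "exp": now + ttl},
                         sort_keys=True).encode()
    sig = hmac.new(SECRET, payload, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(payload).decode() + "." +
            base64.urlsafe_b64encode(sig).decode())


def disable_share(share_id):
    """Operator turns the share link off."""
    shares[share_id]["enabled"] = False


def parse_token(token):
    """Return the claims if the signature verifies, else None."""
    try:
        p64, s64 = token.split(".")
        payload = base64.urlsafe_b64decode(p64)
        sig = base64.urlsafe_b64decode(s64)
    except ValueError:           # wrong shape or bad base64 (binascii.Error is a ValueError)
        return None
    expected = hmac.new(SECRET, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        return None
    return json.loads(payload)


def allow_stream_vulnerable(token, now=None):
    """Only the token is consulted: disabling the share changes nothing."""
    now = time.time() if now is None else now
    claims = parse_token(token)
    return claims is not None and claims["exp"] > now


def allow_stream_fixed(token, now=None):
    """Token must verify AND the share it names must still be enabled."""
    now = time.time() if now is None else now
    claims = parse_token(token)
    if claims is None or claims["exp"] <= now:
        return False
    record = shares.get(claims["sid"])
    return (record is not None and record["enabled"]
            and record["camera"] == claims["cam"])


if __name__ == "__main__":
    tok = create_share("front-door-share", "cam-front", ttl=600)
    disable_share("front-door-share")
    print("vulnerable still streams:", allow_stream_vulnerable(tok))
    print("fixed still streams:     ", allow_stream_fixed(tok))
```

The design point is that a stateless token can only express "was valid when minted"; anything an operator must be able to revoke on demand needs a server-side check (a share record, a revocation list, or a per-share key version) in the hot path.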

CVE-2025-23119 – Ubiquiti Networks AI Bullet Improper Neutralization of Escape Sequences Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-23119
01 Mar 2025 — An Improper Neutralization of Escape Sequences vulnerability could allow an authentication bypass and remote code execution (RCE) by a malicious actor on a network adjacent to UniFi Protect Cameras. This vulnerability allows network-adjacent attackers to bypass authentication on affected Ubiquiti Networks AI Bullet cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of DHCP packet options. The issue results from insufficient neutral... • https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
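The entry says only that the flaw sits in DHCP option processing and is a command-injection class (CWE-77); it does not say which option or which command. The following added example is therefore a generic illustration, not the camera's firmware or a reproduction of the flaw: a small DHCP option TLV parser, a handler that splices the untrusted hostname option straight into a shell line, and a hardened handler that validates the value as a hostname and builds an argument vector instead of a shell string. Option 12 (host name), the `hostname` command and the sample packets are assumptions for the example; the injected value is a harmless `;id`.

```python
"""
Added example (not Ubiquiti code): untrusted DHCP option bytes reaching a
shell command.  The vulnerable builder returns the shell line it would run
with shell=True; the fixed builder returns an argv list after validation,
or None when the option is not a syntactically valid hostname.
"""
import re

DHCP_OPT_HOSTNAME = 12
DHCP_OPT_END = 255
DHCP_OPT_PAD = 0

# Constructed option blocks: option 53 (message type = 5, ACK), a PAD byte,
# option 12 (host name), END.  Real packets carry a fixed header before this.
SAMPLE_BENIGN = b"\x35\x01\x05" + b"\x00" + b"\x0c\x06cam-01" + b"\xff"
SAMPLE_MALICIOUS = b"\x35\x01\x05" + b"\x00" + b"\x0c\x06cam;id" + b"\xff"

# RFC 1123 labels: 1-63 alphanumerics or '-', no leading/trailing '-', dot-separated.
HOSTNAME_RE = re.compile(
    r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$")


def parse_dhcp_options(raw):
    """Parse code/len/value options into {code: bytes}; stops at END, skips PAD."""
    opts, i = {}, 0
    while i < len(raw):
        code = raw[i]
        if code == DHCP_OPT_END:
            break
        if code == DHCP_OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(raw):
            break                      # truncated option header
        length = raw[i + 1]
        opts[code] = raw[i + 2:i + 2 + length]
        i += 2 + length
    return opts


def build_hostname_command_vulnerable(opts):
    """Interpolates the raw option into one string meant for shell=True."""
    name = opts[DHCP_OPT_HOSTNAME].decode("latin-1")
    return "hostname " + name          # ';', '$(...)', backticks all reach the shell


def is_valid_hostname(name):
    return len(name) <= 253 and HOSTNAME_RE.match(name) is not None


def build_hostname_command_fixed(opts):
    """Validate, then pass the value as a discrete argv element (no shell)."""
    raw = opts.get(DHCP_OPT_HOSTNAME)
    if raw is None:
        return None
    try:
        name = raw.decode("ascii")
    except UnicodeDecodeError:         # non-ASCII bytes are never a valid hostname
        return None
    if not is_valid_hostname(name):
        return None
    return ["hostname", name]          # suitable for subprocess.run(argv, shell=False)


if __name__ == "__main__":
    for label, pkt in (("benign", SAMPLE_BENIGN), ("malicious", SAMPLE_MALICIOUS)):
        opts = parse_dhcp_options(pkt)
        print(label, "vulnerable:", repr(build_hostname_command_vulnerable(opts)))
        print(label, "fixed:     ", build_hostname_command_fixed(opts))
```

Two things matter in the fixed path: allow-list validation of the value against the grammar it is supposed to have, and never handing the value to a shell at all. Either alone closes most of the gap; together they also survive the next metacharacter nobody thought to escape.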

CVE-2025-23116 – Ubiquiti Networks UniFi Console Missing Authentication for Critical Function Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-23116
01 Mar 2025 — An Authentication Bypass vulnerability in the UniFi Protect Application with Auto-Adopt Bridge Devices enabled could allow a malicious actor on a network adjacent to UniFi Protect Cameras to take control of those cameras. This vulnerability allows network-adjacent attackers to bypass authentication on affected Ubiquiti Networks UniFi Console devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of bridge device adoption requests. The i... • https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f • CWE-287: Improper Authentication •

CVE-2025-23117 – Ubiquiti Networks AI Bullet Insufficient Firmware Update Validation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-23117
01 Mar 2025 — An Insufficient Firmware Update Validation vulnerability could allow an authenticated malicious actor on a network adjacent to UniFi Protect Cameras to make unsupported changes to the camera system. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Ubiquiti Networks AI Bullet Cameras. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of firmware... • https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f • CWE-346: Origin Validation Error •

CVE-2025-23115
https://notcve.org/view.php?id=CVE-2025-23115
01 Mar 2025 — A Use After Free vulnerability in UniFi Protect Cameras could allow remote code execution (RCE) by a malicious actor with access to the UniFi Protect Cameras management network. • https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f • CWE-416: Use After Free •

CVE-2025-23118 – Ubiquiti Networks AI Bullet Improper Certificate Validation Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-23118
01 Mar 2025 — An Improper Certificate Validation vulnerability could allow an authenticated malicious actor on a network adjacent to UniFi Protect Cameras to make unsupported changes to the camera system. This vulnerability allows network-adjacent attackers to bypass authentication on affected Ubiquiti Networks AI Bullet cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ubnt_avclient component. The issue results from the lack of proper validation of the cert... • https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f • CWE-295: Improper Certificate Validation •