3 results (0.008 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server. • https://community.ui.com/releases/Security-Advisory-Bulletin-043-043/28e45c75-314e-4f07-a4f3-d17f67bd53f7 • CWE-276: Incorrect Default Permissions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device. • https://community.ui.com/releases/Security-Advisory-Bulletin-042-042/c4f68b56-cdc4-4128-b2cb-5870209d1704 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: -EPSS: 0%CPEs: 1EXPL: 0

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.0.28 and earlier) allows a malicious actor with UniFi Network Application Administrator credentials to escalate privileges to root on the host device. Affected Products: UniFi Network Application (Version 8.0.28 and earlier) . Mitigation: Update UniFi Network Application to Version 8.1.113 or later. Una vulnerabilidad de inyección de comandos encontrada en servidores de red UniFi autohospedados (Linux) con la aplicación de red UniFi (versión 8.0.28 y anteriores) permite a un actor malicioso con credenciales de administrador de la aplicación de red UniFi escalar privilegios a root en el dispositivo host. Productos afectados: Aplicación de red UniFi (Versión 8.0.28 y anteriores). Mitigación: actualice la aplicación UniFi Network a la versión 8.1.113 o posterior. • https://community.ui.com/releases/Security-Advisory-Bulletin-038-038/9d13fead-47de-4372-b2c1-745b8d6b0399 •