1 results (0.002 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application. Se presenta una vulnerabilidad de inyección en una biblioteca de terceros usada en UniFi Network versiones 6.5.53 y anteriores (Log4J CVE-2021-44228) que permite a un actor malicioso controlar la aplicación • https://community.ui.com/releases/Security-Advisory-Bulletin-023-023/808a1db0-5f8e-4b91-9097-9822f3f90207 • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •