Ui
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Ui product.
RSS Feeds for Ui security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Ui products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Ui Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 0 vulnerabilities in Ui. Ui did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 7.80 |
| 2023 | 12 | 7.68 |
| 2022 | 3 | 8.80 |
| 2021 | 6 | 8.25 |
| 2020 | 4 | 0.00 |
| 2019 | 6 | 8.18 |
It may take a day or so for new Ui vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Ui Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2024-42025 | Sep 13, 2024 |
UniFi Network App 8.3.32-: Command Injection Enables Privilege EscalationA Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device. |
Unifi Network Application
|
| CVE-2023-41721 | Oct 25, 2023 |
UniFi Network <=7.5.176 Improper Access Control Device Adoption on UDM ConsoleInstances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176. and earlier, implement device adoption with improper access control logic, creating a risk of access to device configuration information by a malicious actor with preexisting access to the network. Affected Products: UDM UDM-PRO UDM-SE UDR UDW Mitigation: Update UniFi Network to Version 7.5.187 or later. |
Unifi Network Application
|
| CVE-2023-32000 | Jul 08, 2023 |
XSS in UniFi Network 7.3.83 via admin credsA Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page. |
Unifi Network Application
|
| CVE-2023-28365 | Jul 01, 2023 |
UniFi Backup File Vulnerability 7.3.83-Pre (Linux) RCE via RestoreA backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored. |
Unifi Network Application
|
| CVE-2023-31997 | Jul 01, 2023 |
UniFi OS 3.1 MongoDB Misconfig Enables Local Network AccessUniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both (1) running UniFi OS 3.1 and (2) hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen2 and Cloud Key Gen2 Plus. |
Unifi Os
|
| CVE-2023-28122 | Apr 19, 2023 |
UI Desktop LPE via SYSTEM cmd (v0.59.1.710.61)A local privilege escalation (LPE) vulnerability in UI Desktop for Windows (Version 0.59.1.71 and earlier) allows a malicious actor with local access to a Windows device running said application to submit arbitrary commands as SYSTEM.This vulnerability is fixed in Version 0.62.3 and later. |
Desktop
|
| CVE-2023-28123 | Apr 19, 2023 |
UI Desktop Windows <=0.59.1.71: Permission Misconfig Hijacks VPN CredentialsA permission misconfiguration in UI Desktop for Windows (Version 0.59.1.71 and earlier) could allow an user to hijack VPN credentials while UID VPN is starting.This vulnerability is fixed in Version 0.62.3 and later. |
Desktop
|
| CVE-2023-28124 | Apr 19, 2023 |
UI Desktop Windows 0.59.1.71-earlier: Improper symm encryption in config filesImproper usage of symmetric encryption in UI Desktop for Windows (Version 0.59.1.71 and earlier) could allow users with access to UI Desktop configuration files to decrypt their content.This vulnerability is fixed in Version 0.62.3 and later. |
Desktop
|
| CVE-2023-1458 | Mar 25, 2023 |
Command Injection in Ubiquiti EdgeRouter X OSPF (v2.0.9-hotfix.6)A vulnerability has been found in Ubiquiti EdgeRouter X 2.0.9-hotfix.6 and classified as critical. Affected by this vulnerability is an unknown functionality of the component OSPF Handler. The manipulation of the argument area leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The associated identifier of this vulnerability is VDB-223303. NOTE: The vendor position is that post-authentication issues are not accepted as vulnerabilities. |
Edgerouter X Firmware
|
| CVE-2023-1456 | Mar 25, 2023 |
Ubiquiti EdgeRouter X 2.0.9-hotfix.6 Command Injection in NAT Config HandlerA vulnerability, which was classified as critical, has been found in Ubiquiti EdgeRouter X 2.0.9-hotfix.6. This issue affects some unknown processing of the component NAT Configuration Handler. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The identifier VDB-223301 was assigned to this vulnerability. NOTE: The vendor position is that post-authentication issues are not accepted as vulnerabilities. |
Edgerouter X Firmware
|
| CVE-2023-1457 | Mar 25, 2023 |
Ubiquiti EdgeRouter X 2.0.9 Hotfix.6 Critical Command InjectionA vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X 2.0.9-hotfix.6. Affected is an unknown function of the component Static Routing Configuration Handler. The manipulation of the argument next-hop-interface leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. VDB-223302 is the identifier assigned to this vulnerability. NOTE: The vendor position is that post-authentication issues are not accepted as vulnerabilities. |
Edgerouter X Firmware
|
| CVE-2023-24104 | Feb 23, 2023 |
UniFi Dream Machine Pro v7.2.95 Domain Restriction Bypass via Crafted PacketsUbiquiti Networks UniFi Dream Machine Pro v7.2.95 allows attackers to bypass domain restrictions via crafted packets. |
Unifi Dream Machine Pro Firmware
|
| CVE-2023-23119 | Feb 02, 2023 |
Ubiquiti airFiber AF2X Radio Firmware v3.2.2 MITM via CRC WeaknessThe use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes Ubiquiti airFiber AF2X Radio firmware version 3.2.2 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification. |
Af 2x Firmware
|
| CVE-2022-43553 | Dec 05, 2022 |
EdgeRouter RCE via operator account, before 2.0.9-hotfix.5A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later. |
Edgemax Edgerouter Firmware
|
| CVE-2022-35257 | Sep 23, 2022 |
Local Privilege Escalation in UI Desktop 0.55.1.2 and EarlierA local privilege escalation vulnerability in UI Desktop for Windows (Version 0.55.1.2 and earlier) allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM. |
Desktop
|
| CVE-2021-44530 | Jan 14, 2022 |
An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228)An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application. |
Unifi Network Controller
|
| CVE-2021-44527 | Dec 07, 2021 |
A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlierA vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious actor who has already gained access to the network to perform a Deny of Service (DoS) attack on the affected switch.This vulnerability is fixed in UniFi Switch firmware 5.76.6 and later. |
Unifi Switch Firmware
|
| CVE-2021-22957 | Nov 24, 2021 |
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlierA Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said users account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later. |
Unifi Protect
|
| CVE-2021-22952 | Sep 23, 2021 |
A vulnerability found in UniFi Talk application V1.12.3 and earlier permits a malicious actor who has already gained access to a network to subsequently control Talk device(s) assigned to said network if they are not yet adoptedA vulnerability found in UniFi Talk application V1.12.3 and earlier permits a malicious actor who has already gained access to a network to subsequently control Talk device(s) assigned to said network if they are not yet adopted. This vulnerability is fixed in UniFi Talk application V1.12.5 and later. |
Unifi Talk
|
| CVE-2021-22943 | Aug 31, 2021 |
A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said networkA vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later. |
Unifi Protect
|
| CVE-2021-22944 | Aug 31, 2021 |
A vulnerability found in UniFi Protect application V1.18.1 and earlierA vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later. |
Unifi Protect
|
| CVE-2020-24755 | May 17, 2021 |
In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directoryIn Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in (Windows 7 x64/Windows 10 x64). |
Unifi Video
|
| CVE-2020-8267 | Nov 05, 2020 |
A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using x-token improperlyA security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using x-token improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer. |
Unifi Protect Firmware
|
| CVE-2020-12695 | Jun 08, 2020 |
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URLThe Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. |
Unifi Controller
|
| CVE-2020-8148 | Apr 13, 2020 |
UniFi Cloud Key firmware < 1.1.6 contains a vulnerabilityUniFi Cloud Key firmware < 1.1.6 contains a vulnerability that enables an attacker being able to change a device hostname by sending a malicious API request. This affects Cloud Key gen2 and Cloud Key gen2 Plus. |
Cloud Key Gen2
Cloud Key Gen2 Plus
|
| CVE-2020-8126 | Feb 07, 2020 |
A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands executionA privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user (Privilege-1) to escalate privileges and became administrator (Privilege-15). |
Edgeswitch
|
| CVE-2019-5456 | Jul 30, 2019 |
SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later. |
Unifi Controller
|
| CVE-2010-5330 | Jun 11, 2019 |
On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info)On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products, and v5.4.5 for AirSync firmware. For example, Nanostation5 (Air OS) is affected. |
Airos
|
| CVE-2019-5430 | May 06, 2019 |
In UniFi Video 3.10.0 and priorIn UniFi Video 3.10.0 and prior, due to the lack of CSRF protection, it is possible to abuse the Web API to make changes on the server configuration without the user consent, requiring the attacker to lure an authenticated user to access on attacker controlled page. |
Unifi Video
|
| CVE-2019-5425 | Apr 10, 2019 |
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, whichIn Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate privileges to root. |
Edgeswitch X
|
| CVE-2019-5426 | Apr 10, 2019 |
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated userIn Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwarding" (SOCKS proxy) functionalities. Remote attackers without credentials can exploit this bug to access local services or forward traffic through the device if SSH is enabled in the system settings. |
Edgeswitch X
|
| CVE-2019-5424 | Apr 10, 2019 |
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interfaceIn Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows to execute shell commands under the root user. |
Edgeswitch X
|
| CVE-2013-3572 | Dec 31, 2013 |
Cross-site scripting (XSS) vulnerability in the administer interface in the UniFi Controller in Ubiquiti Networks UniFi 2.3.5 and earlierCross-site scripting (XSS) vulnerability in the administer interface in the UniFi Controller in Ubiquiti Networks UniFi 2.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted client hostname. |
Unifi
Unifi Controller
|