Vulnerabilidades en Ubiquiti Inc
56 resultadosCVE-2025-52665CRITICALA malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, tEPSS 40.5%CVE-2026-34910CRITICALA malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute aEPSS 33.6%CVE-2026-22557CRITICALA malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access fEPSS 15.6%CVE-2025-27212CRITICALAn Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a malicious actor with access to UniFi AccesEPSS 1.2%CVE-2025-24285CRITICALMultiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor with EPSS 1.2%CVE-2024-27981CRITICALA Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.0.28 and eaEPSS 1.2%CVE-2026-33000CRITICALA malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS EPSS 1.1%CVE-2026-22563CRITICALA series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play netEPSS 1.1%CVE-2025-23123CRITICALA malicious actor with access to the management network could execute a remote code execution (RCE) by exploiting a heap buffer overflow vulEPSS 1.0%CVE-2023-38034HIGHA command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, couldEPSS 1.0%CVE-2026-34909CRITICALA malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the uEPSS 0.9%CVE-2026-34908CRITICALA malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthEPSS 0.9%CVE-2026-47370CRITICALA malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain deEPSS 0.8%CVE-2026-47367CRITICALA malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UID EnterpEPSS 0.8%CVE-2024-42025HIGHA Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and eaEPSS 0.8%CVE-2026-22562CRITICALA malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write fEPSS 0.8%CVE-2023-35085CRITICALAn integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default EPSS 0.7%CVE-2025-23119HIGHAn Improper Neutralization of Escape Sequences vulnerability could allow an Authentication Bypass with a Remote Code Execution (RCE) by a maEPSS 0.7%CVE-2025-48978HIGHAn Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.11.0 and earlier) could allow a Command Injection by a malicious actor with acEPSS 0.7%CVE-2025-23115CRITICALA Use After Free vulnerability on UniFi Protect Cameras could allow a Remote Code Execution (RCE) by a malicious actor with access to UniFi EPSS 0.7%