Vulnerabilidades em Ubiquiti Inc
56 resultadosCVE-2026-34911HIGHA malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to acEPSS 0.7%CVE-2025-27211HIGHAn Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.10.4 and earlier) could allow a Command Injection by a malicious actor with acEPSS 0.6%CVE-2024-22054HIGHA malformed discovery packet sent by a malicious actor with preexisting access to the network could interrupt the functionality of device maEPSS 0.5%CVE-2026-22558HIGHAn Authenticated NoSQL Injection vulnerability found in UniFi Network Application could allow a malicious actor with authenticated access toEPSS 0.5%CVE-2025-23116CRITICALAn Authentication Bypass vulnerability on UniFi Protect Application with Auto-Adopt Bridge Devices enabled could allow a malicious actor witEPSS 0.5%CVE-2024-29206LOWAn Improper Access Control could allow a malicious actor authenticated in the API to enable Android Debug Bridge (ADB) and make unsupported EPSS 0.4%CVE-2025-48979LOWAn Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.EPSS 0.4%CVE-2026-22565HIGHAn Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop rEPSS 0.4%CVE-2026-22564CRITICALAn Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthoriEPSS 0.4%CVE-2026-21633HIGHA malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery pEPSS 0.4%CVE-2026-21638HIGHA malicious actor in Wi-Fi range of the affected product could leverage a vulnerability in the airMAX Wireless Protocol to achieve a remote EPSS 0.4%CVE-2025-27214CRITICALA Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical oEPSS 0.4%CVE-2026-22566HIGHAn Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credeEPSS 0.4%CVE-2026-47368HIGHA malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtaiEPSS 0.4%CVE-2026-21634MEDIUMA malicious actor with access to the adjacent network could overflow the UniFi Protect Application (Version 6.1.79 and earlier) discovery prEPSS 0.3%CVE-2024-29208LOWAn Unverified Password Change could allow a malicious actor with API access to the device to change the system password without knowing the EPSS 0.3%CVE-2025-27217CRITICALA Server-Side Request Forgery (SSRF) in the UISP Application may allow a malicious actor with certain permissions to make requests outside oEPSS 0.3%CVE-2024-29207HIGHAn Improper Certificate Validation could allow a malicious actor with access to an adjacent network to take control of the system.
AffeEPSS 0.3%CVE-2026-22559HIGHAn Improper Input Validation vulnerability in UniFi Network Server may allow unauthorized access to an account if the account owner is sociaEPSS 0.3%CVE-2025-24292MEDIUMA misconfigured query in UniFi Network (v9.1.120 and earlier) could allow users to authenticate to Enterprise WiFi or VPN Server (l2tp and OEPSS 0.3%