Unifi Play Poweramp
Monthly
Critical command injection in Ubiquiti UniFi Play PowerAmp and Audio Port allows remote unauthenticated attackers to execute arbitrary commands with network access to the device management interface. Affects PowerAmp versions ≤1.0.35 and Audio Port versions ≤1.0.24. CVSS 9.8 critical severity reflects network-accessible attack with no authentication barriers. EPSS score of 0.08% (24th percentile) suggests low immediate exploitation probability despite critical scoring. Vendor-released patches av
Path traversal in UniFi Play PowerAmp (≤1.0.35) and Audio Port (≤1.0.24) firmware allows unauthenticated remote attackers to write arbitrary files for remote code execution. CVSS 9.8 critical severity reflects network-accessible attack requiring no authentication or user interaction. EPSS score of 0.11% (30th percentile) suggests low immediate exploitation probability despite critical rating. No public exploit identified at time of analysis. Reported via HackerOne bug bounty, vendor patches avai
Improper access control in Ubiquiti UniFi Play PowerAmp (≤1.0.35) and Audio Port (≤1.0.24) exposes WiFi credentials to network-adjacent attackers without authentication. The CVSS:3.1 vector (AV:N/AC:L/PR:N/UI:N) indicates remote exploitation with no authentication required, though the vulnerability description specifies 'access to the UniFi Play network' as a prerequisite. Reported via HackerOne bug bounty. EPSS score of 0.01% (1st percentile) suggests minimal observed exploitation activity, and no public exploit code or CISA KEV listing identified at time of analysis.
Denial of service in Ubiquiti UniFi Play PowerAmp (≤1.0.35) and Audio Port (≤1.0.24) allows unauthenticated remote attackers to crash devices via improper input validation. CVSS 7.5 (High) with network-based attack requiring no privileges or user interaction. EPSS score of 0.01% (1st percentile) indicates minimal real-world exploitation likelihood. No public exploit identified at time of analysis. Vendor-released patches available: PowerAmp 1.0.38+ and Audio Port 1.1.9+.
Remote unauthenticated attackers can enable SSH and gain complete system control on Ubiquiti UniFi Play PowerAmp (≤1.0.35) and UniFi Play Audio Port (≤1.0.24) devices via improper access control. The vulnerability bypasses authentication mechanisms, allowing network-accessible adversaries to modify system configurations with critical impact across confidentiality, integrity, and availability (CVSS 9.8). No public exploit identified at time of analysis, with low EPSS probability (0.01%, 3rd percentile) suggesting limited observed exploitation attempts despite the critical severity rating.
Critical command injection in Ubiquiti UniFi Play PowerAmp and Audio Port allows remote unauthenticated attackers to execute arbitrary commands with network access to the device management interface. Affects PowerAmp versions ≤1.0.35 and Audio Port versions ≤1.0.24. CVSS 9.8 critical severity reflects network-accessible attack with no authentication barriers. EPSS score of 0.08% (24th percentile) suggests low immediate exploitation probability despite critical scoring. Vendor-released patches av
Path traversal in UniFi Play PowerAmp (≤1.0.35) and Audio Port (≤1.0.24) firmware allows unauthenticated remote attackers to write arbitrary files for remote code execution. CVSS 9.8 critical severity reflects network-accessible attack requiring no authentication or user interaction. EPSS score of 0.11% (30th percentile) suggests low immediate exploitation probability despite critical rating. No public exploit identified at time of analysis. Reported via HackerOne bug bounty, vendor patches avai
Improper access control in Ubiquiti UniFi Play PowerAmp (≤1.0.35) and Audio Port (≤1.0.24) exposes WiFi credentials to network-adjacent attackers without authentication. The CVSS:3.1 vector (AV:N/AC:L/PR:N/UI:N) indicates remote exploitation with no authentication required, though the vulnerability description specifies 'access to the UniFi Play network' as a prerequisite. Reported via HackerOne bug bounty. EPSS score of 0.01% (1st percentile) suggests minimal observed exploitation activity, and no public exploit code or CISA KEV listing identified at time of analysis.
Denial of service in Ubiquiti UniFi Play PowerAmp (≤1.0.35) and Audio Port (≤1.0.24) allows unauthenticated remote attackers to crash devices via improper input validation. CVSS 7.5 (High) with network-based attack requiring no privileges or user interaction. EPSS score of 0.01% (1st percentile) indicates minimal real-world exploitation likelihood. No public exploit identified at time of analysis. Vendor-released patches available: PowerAmp 1.0.38+ and Audio Port 1.1.9+.
Remote unauthenticated attackers can enable SSH and gain complete system control on Ubiquiti UniFi Play PowerAmp (≤1.0.35) and UniFi Play Audio Port (≤1.0.24) devices via improper access control. The vulnerability bypasses authentication mechanisms, allowing network-accessible adversaries to modify system configurations with critical impact across confidentiality, integrity, and availability (CVSS 9.8). No public exploit identified at time of analysis, with low EPSS probability (0.01%, 3rd percentile) suggesting limited observed exploitation attempts despite the critical severity rating.