Skip to main content

Unifi Switch Firmware

3 CVEs product

Monthly

CVE-2023-38034 CRITICAL Act Now

A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Ubiquiti RCE Command Injection Unifi Uap Firmware Unifi Switch Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-35085 CRITICAL Act Now

An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Ubiquiti Unifi Uap Firmware Unifi Switch Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2021-44527 MEDIUM This Month

A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious actor who has already gained access to the network to perform a Deny of Service (DoS) attack on the. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Ubiquiti Denial Of Service Unifi Switch Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
EPSS 1% CVSS 9.8
CRITICAL Act Now

A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Ubiquiti RCE Command Injection +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Ubiquiti +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious actor who has already gained access to the network to perform a Deny of Service (DoS) attack on the. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Ubiquiti Denial Of Service Unifi Switch Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy