Skip to main content

Unifi Uap Firmware

2 CVEs product

Monthly

CVE-2023-38034 CRITICAL Act Now

A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Ubiquiti RCE Command Injection Unifi Uap Firmware Unifi Switch Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-35085 CRITICAL Act Now

An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Ubiquiti Unifi Uap Firmware Unifi Switch Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
EPSS 1% CVSS 9.8
CRITICAL Act Now

A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Ubiquiti RCE Command Injection +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Ubiquiti +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy