Lucene search
K

46 matches found

NVD
NVD
added yesterday6 views

CVE-2026-55117

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device...

8.6CVSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-54400

A malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi Access Application to escalate privileges on the host device...

9.1CVSS
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-50748

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device...

9.9CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday5 views

CVE-2026-55117

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device...

8.6CVSS
Exploits0References1
EUVD
EUVD
added yesterday3 views

EUVD-2026-41395

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device...

8.6CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added yesterday6 views

CVE-2026-50748

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device...

9.9CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday5 views

CVE-2026-54400

A malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi Access Application to escalate privileges on the host device...

9.1CVSS
Exploits0References1
EUVD
EUVD
added yesterday3 views

EUVD-2026-41386

A malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi Access Application to escalate privileges on the host device...

9.1CVSS5.8AI score
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-41384

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device...

9.9CVSS5.8AI score
Exploits0References1
Nuclei
Nuclei
added yesterday20 views

UniFi Access - Broken Access Control

UniFi Access Application 3.3.22 through 3.4.31 contains a broken authentication caused by misconfiguration exposing management API without proper authentication, letting attackers on management network access management functions, exploit requires network access. id: CVE-2025-52665 info: name:...

10CVSS7.6AI score0.40972EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/27 9:16 p.m.3 views

CVE-2019-25651

Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...

9CVSS5.8AI score0.0008EPSS
Exploits0References3Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2026/01/16 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-52665

A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, that exposed a management API without proper authentication. This vulnerability was introduced in Version 3.3.22 and was fixed in Version 4.0.21 and later. ...

10CVSS5.8AI score0.40972EPSS
In wildExploits0References2
RedhatCVE
RedhatCVE
added 2025/11/01 12:25 a.m.9 views

CVE-2025-52665

A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, that exposed a management API without proper authentication. This vulnerability was introduced in Version 3.3.22 and was fixed in Version 4.0.21 and later...

10CVSS6.8AI score0.40972EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/31 12:30 a.m.7 views

EUVD-2025-37233

A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, that exposed a management API without proper authentication. This vulnerability was introduced in Version 3.3.22 and was fixed in Version 4.0.21 and later. ...

10CVSS6.3AI score0.40972EPSS
Exploits0References2
OSV
OSV
added 2025/10/31 12:15 a.m.3 views

CVE-2025-52665

A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, that exposed a management API without proper authentication. This vulnerability was introduced in Version 3.3.22 and was fixed in Version 4.0.21 and later. ...

10CVSS5.8AI score0.40972EPSS
Exploits0References1
NVD
NVD
added 2025/10/31 12:15 a.m.8 views

CVE-2025-52665

A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, that exposed a management API without proper authentication. This vulnerability was introduced in Version 3.3.22 and was fixed in Version 4.0.21 and later. ...

10CVSS0.40972EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/31 12:0 a.m.5 views

Ubiquiti UniFi Access Application 安全漏洞

Ubiquiti UniFi Access Application is an access control system from Ubiquiti, Inc. A security vulnerability exists in the Ubiquiti UniFi Access Application versions 3.3.22 through 3.4.31, which stems from an exposed management API and lack of proper authentication, which could lead to unauthorized...

10CVSS9.1AI score0.40972EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/30 11:30 p.m.31 views

CVE-2025-52665

A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, that exposed a management API without proper authentication. This vulnerability was introduced in Version 3.3.22 and was fixed in Version 4.0.21 and later. ...

0.40972EPSS
Exploits0References1
CVE
CVE
added 2025/10/30 11:30 p.m.73 views

CVE-2025-52665

Summary (CVE-2025-52665): UniFi Access Application versions 3.3.22–3.4.31 expose a misconfigured management API that lacks proper authentication, allowing potential unauthorized access by actors on the management network. The vulnerability was introduced in 3.3.22 and fixed in 4.0.21 and later. R...

10CVSS6.4AI score0.40972EPSS
In wildExploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/30 11:30 p.m.6 views

CVE-2025-52665

A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, that exposed a management API without proper authentication. This vulnerability was introduced in Version 3.3.22 and was fixed in Version 4.0.21 and later. ...

6.4AI score0.40972EPSS
Exploits0References1
Rows per page
Query Builder