8 matches found
CVE-2023-28361
A Cross-site WebSocket Hijacking (CSWSH) vulnerability found in UniFi OS 2.5 and earlier allows a malicious actor to access certain confidential information by persuading a UniFi OS user to visit a malicious webpage. Affected Products: Cloud Key Gen2, Cloud Key Gen2 Plus, UNVR, UNVR Professional, UDM, UDM...
CVE-2023-41721
Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176 and earlier, implement device adoption with improper access control logic, creating a risk of access to device configuration information by a malicious actor with preexisting access to t...
Ubiquiti UniFi Cloud Key Cross-Site Request Forgery Vulnerability
Ubiquiti UniFi Cloud Key is a secret key device that supports management of UniFi networks from Ubiquiti, Inc. A security vulnerability exists in the Ubiquiti UniFi Cloud Key UniFi OS 2.5 and prior versions, which originated from a vulnerability that allows malicious actors to access certain...
CVE-2023-24104
Ubiquiti Networks UniFi Dream Machine Pro v7.2.95 allows attackers to bypass domain restrictions via crafted packets...
CVE-2020-8188
CVE-2020-8188 relates to UniFi Protect firmware. Multiple sources confirm a privilege-escalation issue where “view only” users could run certain custom commands to assign themselves unauthorized roles, leading to elevated privileges. The vulnerability affects Protect firmware v1.13.2 and v1.14.9 ...
Ubiquiti Inc.: View Only to Root Privilege Escalation on UniFi Protect
UniFi Protect v1.13.2 and prior contain vulnerabilities that allow users to run certain custom commands that can be used to assign themselves unauthorized roles, escalating their privileges. These vulnerabilities were found in UniFi Protect v1.13.2 and prior versions for Cloud Key Gen2 Plus. The...