44 matches found
CVE-2026-50746
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device...
CVE-2026-50746
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device...
EUVD-2026-41389
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device...
EUVD-2024-26224
Malicious code in bioql PyPI...
EUVD-2025-25442
Malicious code in bioql PyPI...
EUVD-2025-25443
Malicious code in bioql PyPI...
EUVD-2025-27734
Malicious code in bioql PyPI...
EUVD-2024-26223
Malicious code in bioql PyPI...
CVE-2025-27213
An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug Bridge ADB and make unsupported changes to the system. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier UniFi Connect Display Versio...
CVE-2025-27214
A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier Mitigation: Update Uni...
CVE-2025-27215
An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect Display Cast devices to make unsupported changes to the system. Affected Products: UniFi Connect Display Cast Version 1.10.3 and earlier UniFi Connect Display Cast Pro Version 1.0.89 and...
CVE-2025-24285
Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor with network access to the UniFi Connect EV Station Lite. Affected Products: UniFi Connect EV Station Lite Version 1.5.1 and earlier Mitigation: Update UniFi...
CVE-2025-27213
An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug Bridge ADB and make unsupported changes to the system. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier UniFi Connect Display Versio...
CVE-2025-27213
The CVE-2025-27213 entry concerns several UniFi Connect devices with an improper access control in the API that could allow a malicious actor already authenticated to enable Android Debug Bridge (ADB) and perform unsupported system changes. Affected products and versions are: UniFi Connect EV Sta...
CVE-2025-24285
Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor with network access to the UniFi Connect EV Station Lite. Affected Products: UniFi Connect EV Station Lite Version 1.5.1 and earlier Mitigation: Update UniFi...
CVE-2025-24285
CVE-2025-24285 affects UniFi Connect EV Station Lite (versions 1.5.1 and earlier). The issue is described as multiple improper input validation vulnerabilities that may allow a malicious actor with network access to perform command injection on the EV Station Lite. The CVSS 3.1 score is listed as...
CVE-2025-27214
A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier Mitigation: Update Uni...
CVE-2025-27213
An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug Bridge ADB and make unsupported changes to the system. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier UniFi Connect Display Versio...
CVE-2025-27215
An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect Display Cast devices to make unsupported changes to the system. Affected Products: UniFi Connect Display Cast Version 1.10.3 and earlier UniFi Connect Display Cast Pro Version 1.0.89 and...
CVE-2025-27214
A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier Mitigation: Update Uni...