CVE-2021-33820

An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service...

CVE-2021-33818

An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service...

CVE-2021-22943

A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect cameras assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later...

CVE-2021-22957

A Cross-Origin Resource Sharing CORS vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user’s account.This vulnerability is fixed in UniFi Protect applicati...

CVE-2021-22944

A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later...

CVE-2025-23164

A misconfigured access token mechanism in the Unifi Protect Application Version 5.3.41 and earlier could permit the recipient of a "Share Livestream" link to maintain access to the corresponding livestream subsequent to such link becoming disabled...

CVE-2025-23115

A Use After Free vulnerability on UniFi Protect Cameras could allow a Remote Code Execution RCE by a malicious actor with access to UniFi Protect Cameras management network...

CVE-2025-23119

An Improper Neutralization of Escape Sequences vulnerability could allow an Authentication Bypass with a Remote Code Execution RCE by a malicious actor with access to UniFi Protect Cameras adjacent network...

CVE-2025-23116

An Authentication Bypass vulnerability on UniFi Protect Application with Auto-Adopt Bridge Devices enabled could allow a malicious actor with access to UniFi Protect Cameras adjacent network to take control of UniFi Protect Cameras...

CVE-2025-23123

A malicious actor with access to the management network could execute a remote code execution RCE by exploiting a heap buffer overflow vulnerability in the UniFi Protect Cameras Version 4.75.43 and earlier firmware...

UniFi Protect < 6.2.72 Multiple Vulnerabilities

UniFi Protect is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ui:unifiprotect"; ifdescripti...

CVE-2026-21633

A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application Version 6.1.79 and earlier. Affected Products: UniFi Protect Application Version 6.1.79 and earlier...

CVE-2026-21634

A malicious actor with access to the adjacent network could overflow the UniFi Protect Application Version 6.1.79 and earlier discovery protocol causing it to restart. Affected Products: UniFi Protect Application Version 6.1.79 and earlier. Mitigation: Update your UniFi Protect Application to...

CVE-2026-21633

A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application Version 6.1.79 and earlier. Affected Products: UniFi Protect Application Version 6.1.79 and earlier...

CVE-2026-21634

A malicious actor with access to the adjacent network could overflow the UniFi Protect Application Version 6.1.79 and earlier discovery protocol causing it to restart. Affected Products: UniFi Protect Application Version 6.1.79 and earlier. Mitigation: Update your UniFi Protect Application to...

CVE-2026-21633

A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application Version 6.1.79 and earlier. Affected Products: UniFi Protect Application Version 6.1.79 and earlier...

CVE-2026-21634

A malicious actor with access to the adjacent network could overflow the UniFi Protect Application Version 6.1.79 and earlier discovery protocol causing it to restart. Affected Products: UniFi Protect Application Version 6.1.79 and earlier. Mitigation: Update your UniFi Protect Application to...

CVE-2026-21634

A malicious actor with access to the adjacent network could overflow the UniFi Protect Application Version 6.1.79 and earlier discovery protocol causing it to restart. Affected Products: UniFi Protect Application Version 6.1.79 and earlier. Mitigation: Update your UniFi Protect Application to...

CVE-2026-21633

A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application Version 6.1.79 and earlier. Affected Products: UniFi Protect Application Version 6.1.79 and earlier...

CVE-2026-21633

CVE-2026-21633 affects UniFi Protect Application version 6.1.79 and earlier. Multiple connected sources confirm a discovery protocol vulnerability that could allow a malicious actor on an adjacent network to gain unauthorized access to a UniFi Protect Camera. The vulnerability is tied to the disc...