Lucene search
K

905 matches found

Nuclei
Nuclei
added 15 hours ago9 views

UniFi Network Application - Path Traversal

UniFi Network Application contains a path traversal vulnerability allowing a network attacker to access and manipulate files on the underlying system, potentially leading to account access, exploit requires network access. id: CVE-2026-22557 info: name: UniFi Network Application - Path Traversal...

10CVSS7.1AI score0.15601EPSS
Exploits3References4
Nuclei
Nuclei
added yesterday23 views

UniFi Access - Broken Access Control

UniFi Access Application 3.3.22 through 3.4.31 contains a broken authentication caused by misconfiguration exposing management API without proper authentication, letting attackers on management network access management functions, exploit requires network access. id: CVE-2025-52665 info: name:...

10CVSS7.1AI score0.40972EPSS
Exploits0References3
Nuclei
Nuclei
added 2 days ago43 views

UniFi OS Server - Command Injection

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection. id: CVE-2026-34910 info: name: UniFi OS Server - Command Injection author: Kazgangap severity: critical description: | A malicious actor...

10CVSS7AI score0.78555EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.8 views

Ubiquiti UniFi OS < 5.1.12 Multiple Vulnerabilities

According to its self-reported version, the remote Ubiquiti UniFi OS device is prior to 5.1.12. It is, therefore, affected by multiple vulnerabilities: - A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make...

10CVSS7.3AI score0.78555EPSS
Exploits4References4
NVD
NVD
added 2026/07/02 3:17 p.m.11 views

CVE-2026-56842

A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in UniFi Network Application to persist privileges within UniFi Network Application after such access had been removed...

7.5CVSS0.0019EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.8 views

CVE-2026-56841

A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device...

8.8CVSS0.00249EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.9 views

CVE-2026-55114

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate privileges within the UniFi Network Application...

8.8CVSS0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.12 views

CVE-2026-55118

A malicious actor with access to the network,low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate privileges within the UniFi Network Application...

8.3CVSS0.00195EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.10 views

CVE-2026-55115

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF in UniFi Protect Application to escalate privileges on the host device...

9.9CVSS0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.9 views

CVE-2026-55112

A malicious actor with access to the network and low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi OS with UniFi Protect Application to escalate privileges on the host device...

8.8CVSS0.00198EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.7 views

CVE-2026-55116

A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices...

9.8CVSS0.00229EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.15 views

CVE-2026-55117

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device...

8.6CVSS0.00382EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.8 views

CVE-2026-55113

A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...

7.5CVSS0.00223EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.7 views

CVE-2026-55119

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...

8.1CVSS0.00201EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.7 views

CVE-2026-54405

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi Network Application to execute a Denial of Service DoS attack on the application...

7.5CVSS0.00263EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.8 views

CVE-2026-54406

A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device...

8.7CVSS0.00325EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.12 views

CVE-2026-54409

A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in UniFi Protect Application to bypass authentication in UniFi Protect Cameras...

8.1CVSS0.00254EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.10 views

CVE-2026-54408

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming...

9.8CVSS0.0028EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.8 views

CVE-2026-54404

A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi OS to escalate privileges within such UniFi OS devices or instances...

8.8CVSS0.00249EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.9 views

CVE-2026-55111

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Protect Floodlight devices to access files on the UniFi Protect Floodlight...

7.5CVSS0.00335EPSS
Exploits0References1
Rows per page
Query Builder