100 matches found
UniFi Network Application - Path Traversal
UniFi Network Application contains a path traversal vulnerability allowing a network attacker to access and manipulate files on the underlying system, potentially leading to account access, exploit requires network access. id: CVE-2026-22557 info: name: UniFi Network Application - Path Traversal...
📄 UniFi Network 9.0.118 Path Traversal / File Disclosure
UniFi Network version9.0.118 suffers from a path traversal vulnerability that can lead to arbitrary file disclosure. ================================================================================================================================== | Title : UniFi Network 9.0.118 Advanced...
UniFi Network Application Path Traversal Vulnerability Assessment Tool
This tool lets you safely detect whether a UniFi Network Application controller is vulnerable to CVE-2026-22557 without causing any disruption. CVE-2026-22557 is an unauthenticated path traversal vulnerability in the UniFi Network Application's guest captive portal that allows remote attackers to...
Exploit for CVE-2026-22557
CVE-2026-22557 Vulnerability Assessment Tool Safely detect wh...
Exploit for CVE-2026-22557
CVE-2026-22557 -- UniFi Network Application Pre-Auth Path Trav...
EUVD-2019-20043
UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept...
CVE-2019-25652 UniFi Network Controller Improper Certificate Validation Leading to Credential Theft via MITM
UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept...
CVE-2019-25652
UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept...
CVE-2019-25652
UniFi Network Controller is affected by an improper certificate validation vulnerability that enables adjacent attackers to perform MITM by presenting a false SSL certificate during SMTP connections. The issue affects versions released before 5.10.22 and 5.11.x released before 5.11.18, where the ...
CVE-2019-25652 UniFi Network Controller Improper Certificate Validation Leading to Credential Theft via MITM
UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept...
CVE-2019-25651
Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...
Ubiquiti UniFi Network Controller 信任管理问题漏洞
The Ubiquiti UniFi Network Controller is a control software platform developed by the American company Ubiquiti, designed for centralized management and monitoring of network devices. Versions prior to 5.10.22 and 5.11.18, as well as the 5.11.x series, contained vulnerabilities related to trust...
CVE-2026-22557
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated to access an underlying account...
CVE-2026-22559
An Improper Input Validation vulnerability in UniFi Network Server may allow unauthorized access to an account if the account owner is socially engineered into clicking a malicious link. Affected Products: UniFi Network Server Version 10.1.85 and earlier Mitigation: Update UniFi Network Server to...
CVE-2026-22558
An Authenticated NoSQL Injection vulnerability found in UniFi Network Application could allow a malicious actor with authenticated access to the network to escalate privileges...
EUVD-2026-14988
An Improper Input Validation vulnerability in UniFi Network Server may allow unauthorized access to an account if the account owner is socially engineered into clicking a malicious link. Affected Products: UniFi Network Server Version 10.1.85 and earlier Mitigation: Update UniFi Network Server to...
CVE-2026-22559
An Improper Input Validation vulnerability in UniFi Network Server may allow unauthorized access to an account if the account owner is socially engineered into clicking a malicious link. Affected Products: UniFi Network Server Version 10.1.85 and earlier Mitigation: Update UniFi Network Server to...
CVE-2026-22559
An Improper Input Validation vulnerability in UniFi Network Server may allow unauthorized access to an account if the account owner is socially engineered into clicking a malicious link. Affected Products: UniFi Network Server Version 10.1.85 and earlier Mitigation: Update UniFi Network Server to...
CVE-2026-22559
An Improper Input Validation vulnerability in UniFi Network Server may allow unauthorized access to an account if the account owner is socially engineered into clicking a malicious link. Affected Products: UniFi Network Server Version 10.1.85 and earlier Mitigation: Update UniFi Network Server to...
CVE-2026-22559
CVE-2026-22559 concerns an improper input validation in UniFi Network Server (affected: 10.1.85 and earlier) that may allow unauthorized account access if the account owner is socially engineered into clicking a malicious link. Impact is high (C, I, A: High) with network access, user interaction ...