33 matches found
CVE-2026-55113
A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...
CVE-2026-55119
A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...
CVE-2026-50747
A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...
CVE-2026-55119
A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...
EUVD-2026-41403
A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...
CVE-2026-55119
A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...
CVE-2026-55119
The CVE-2026-55119 entry concerns a vulnerability in UniFi Talk Application described as Improper Access Control that could allow a user with network access and low privileges to escalate privileges within the UniFi Talk Application. This is supported by the connected documents which cite a CVSS ...
CVE-2026-55113
A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...
EUVD-2026-41394
A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...
CVE-2026-55113
A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...
CVE-2026-55113
CVE-2026-55113 involves a Server-Side Request Forgery (SSRF) in the UniFi Talk Application that can allow a remote attacker with network access to cause a Denial of Service and bypass authentication on certain UniFi Talk API endpoints. The vulnerability affects the UniFi Talk platform’s API surfa...
EUVD-2026-41390
A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...
CVE-2026-50747
A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...
CVE-2026-50747
A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...
CVE-2026-50747
The CVE-2026-50747 entry concerns the UniFi Talk Application. It describes an authenticated SQL Injection vulnerability that could be leveraged by an attacker with network access and low privileges to escalate privileges on the host device. The issue is characterized as high-severity (CVSS v3.1 b...
PT-2026-55232
Name of the Vulnerable Software and Affected Versions UniFi Talk Application affected versions not specified Description An authenticated user with low privileges and network access can exploit SQL Injection flaws to escalate privileges on the host device. SQL Injection is a technique where...
CVE-2021-22952
A vulnerability found in UniFi Talk application V1.12.3 and earlier permits a malicious actor who has already gained access to a network to subsequently control Talk devices assigned to said network if they are not yet adopted. This vulnerability is fixed in UniFi Talk application V1.12.5 and lat...
CVE-2025-52663
A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality remained unintentionally enabled. This issue could allow an attacker with access to the UniFi Talk management network to invoke internal debug operations through the device API. Affected Products:...
EUVD-2025-37234
A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality remained unintentionally enabled. This issue could allow an attacker with access to the UniFi Talk management network to invoke internal debug operations through the device API. Affected Products:...
CVE-2025-52663
A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality remained unintentionally enabled. This issue could allow an attacker with access to the UniFi Talk management network to invoke internal debug operations through the device API. Affected Products:...