VYPR
High severity7.8NVD Advisory· Published Sep 13, 2024· Updated Jun 17, 2026

CVE-2024-42025

CVE-2024-42025

Description

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.