Medium severity6.8NVD Advisory· Published Jun 29, 2025· Updated Jun 17, 2026
CVE-2025-24292
CVE-2025-24292
Description
A misconfigured query in UniFi Network (v9.1.120 and earlier) could allow users to authenticate to Enterprise WiFi or VPN Server (l2tp and OpenVPN) using a device’s MAC address from 802.1X or MAC Authentication, if both services are enabled and share the same RADIUS profile.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.