Unifi Connect Ev Station
by Ubiquiti Inc
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-24285 | Cri | 0.64 | 9.8 | 0.01 | Aug 21, 2025 | Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor with network access to the UniFi Connect EV Station Lite. Affected Products: UniFi Connect EV Station Lite (Version 1.5.1 and earlier) … | ||
| CVE-2024-29207 | Hig | 0.49 | 7.5 | 0.00 | May 7, 2024 | An Improper Certificate Validation could allow a malicious actor with access to an adjacent network to take control of the system. Affected Products: UniFi Connect Application (Version 3.7.9 and earlier) UniFi Connect EV Station (Version 1.1.18 and earlier) UniFi… | ||
| CVE-2024-29208 | Low | 0.14 | 2.2 | 0.00 | May 7, 2024 | An Unverified Password Change could allow a malicious actor with API access to the device to change the system password without knowing the previous password. Affected Products: UniFi Connect EV Station (Version 1.1.18 and earlier) UniFi Connect EV Station Pro (Version… | ||
| CVE-2024-29206 | Low | 0.14 | 2.2 | 0.00 | May 7, 2024 | An Improper Access Control could allow a malicious actor authenticated in the API to enable Android Debug Bridge (ADB) and make unsupported changes to the system. Affected Products: UniFi Connect EV Station (Version 1.1.18 and earlier) UniFi Connect EV Station Pro… | ||
| CVE-2026-21635 | 0.00 | — | 0.00 | Jan 5, 2026 | An Improper Access Control could allow a malicious actor in Wi-Fi range to the EV Station Lite (v1.5.2 and earlier) to use WiFi AutoLink feature on a device that was only adopted via Ethernet. |
- risk 0.64cvss 9.8epss 0.01
Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor with network access to the UniFi Connect EV Station Lite. Affected Products: UniFi Connect EV Station Lite (Version 1.5.1 and earlier) …
- risk 0.49cvss 7.5epss 0.00
An Improper Certificate Validation could allow a malicious actor with access to an adjacent network to take control of the system. Affected Products: UniFi Connect Application (Version 3.7.9 and earlier) UniFi Connect EV Station (Version 1.1.18 and earlier) UniFi…
- risk 0.14cvss 2.2epss 0.00
An Unverified Password Change could allow a malicious actor with API access to the device to change the system password without knowing the previous password. Affected Products: UniFi Connect EV Station (Version 1.1.18 and earlier) UniFi Connect EV Station Pro (Version…
- risk 0.14cvss 2.2epss 0.00
An Improper Access Control could allow a malicious actor authenticated in the API to enable Android Debug Bridge (ADB) and make unsupported changes to the system. Affected Products: UniFi Connect EV Station (Version 1.1.18 and earlier) UniFi Connect EV Station Pro…
- CVE-2026-21635Jan 5, 2026risk 0.00cvss —epss 0.00
An Improper Access Control could allow a malicious actor in Wi-Fi range to the EV Station Lite (v1.5.2 and earlier) to use WiFi AutoLink feature on a device that was only adopted via Ethernet.