UISP

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-24290	Ubiquiti Inc UISP	Cri	0.64	9.9	0.00		Jun 29, 2025	Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (Version 2.4.206 and earlier) could allow a malicious actor with low privileges to escalate privileges.
CVE-2025-48979	Ubiquiti Inc UISP	Low	0.22	3.4	0.00		Aug 29, 2025	An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.

CVE-2025-24290CriJun 29, 2025
Ubiquiti Inc
UISP
risk 0.64cvss 9.9epss 0.00
Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (Version 2.4.206 and earlier) could allow a malicious actor with low privileges to escalate privileges.
CVE-2025-48979LowAug 29, 2025
Ubiquiti Inc
UISP
risk 0.22cvss 3.4epss 0.00
An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.