VYPR

Vendor: Ubiquiti Inc

Products: 57
CVEs: 121
Across products: 131
Status: Private


Recent CVEs

  • CVE-2010-5330 | Critical | KEV | Jun 11, 2019
    risk 0.78 | cvss 9.8 | epss 0.34

    On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fixed version is v4.0.1 for 802.11 ISP products, v5.3.5 for AirMax ISP products,…

  • CVE-2026-34910 | Critical | KEV | May 22, 2026
    risk 0.77 | cvss 10.0 | epss 0.79

    A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.

  • CVE-2026-34909 | Critical | KEV | May 22, 2026
    risk 0.77 | cvss 10.0 | epss 0.02

    A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.

  • CVE-2026-34908 | Critical | KEV | May 22, 2026
    risk 0.77 | cvss 10.0 | epss 0.02

    A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.

  • CVE-2015-9266 | Critical | Sep 5, 2018
    risk 0.73 | cvss 9.8 | epss 0.74

    The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root…

  • CVE-2026-22557 | Critical | Mar 19, 2026
    risk 0.65 | cvss 10.0 | epss 0.16

    A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated to access an underlying account.

  • CVE-2025-23123 | Critical | May 19, 2025
    risk 0.65 | cvss 10.0 | epss 0.01

    A malicious actor with access to the management network could execute a remote code execution (RCE) by exploiting a heap buffer overflow vulnerability in the UniFi Protect Cameras (Version 4.75.43 and earlier) firmware.

  • CVE-2026-47369 | Critical | Jun 12, 2026
    risk 0.64 | cvss 9.9 | epss 0.00

    A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances.

  • CVE-2026-47367 | Critical | Jun 12, 2026
    risk 0.64 | cvss 9.9 | epss 0.01

    A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UID Enterprise Agent to execute a Command Injection on the host device.

  • CVE-2026-22563 | Critical | Apr 13, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network. Affected Products: UniFi Play PowerAmp (Version 1.0.35 and earlier), UniFi Play Audio Port (Version 1.0.24 and earlier) …

  • CVE-2026-22562 | Critical | Apr 13, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code execution (RCE). Affected Products: UniFi Play PowerAmp (Version 1.0.35 and…

  • CVE-2020-37052 | Critical | Jan 30, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    AirControl 1.4.2 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through malicious Java expression injection. Attackers can exploit the /.seam endpoint by crafting a specially…

  • CVE-2025-27214 | Critical | Aug 21, 2025
    risk 0.64 | cvss 9.8 | epss 0.00

    A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset. Affected Products: UniFi Connect EV Station Pro (Version 1.5.18 and…

  • CVE-2025-24285 | Critical | Aug 21, 2025
    risk 0.64 | cvss 9.8 | epss 0.01

    Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor with network access to the UniFi Connect EV Station Lite. Affected Products: UniFi Connect EV Station Lite (Version 1.5.1 and earlier) …

  • CVE-2025-27212 | Critical | Aug 4, 2025
    risk 0.64 | cvss 9.8 | epss 0.01

    An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a malicious actor with access to UniFi Access management network. Affected Products: UniFi Access Reader Pro (Version 2.14.21 and earlier) UniFi Access G2 Reader Pro…

  • CVE-2025-24290 | Critical | Jun 29, 2025
    risk 0.64 | cvss 9.9 | epss 0.00

    Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (Version 2.4.206 and earlier) could allow a malicious actor with low privileges to escalate privileges.

  • CVE-2024-54750 | Critical | Dec 6, 2024
    risk 0.64 | cvss 9.8 | epss 0.00

    Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: In Ubiquiti's view there is no vulnerability as the Hardcoded Password should be after setup not before.

  • CVE-2024-27981 | Critical | Apr 4, 2024
    risk 0.64 | cvss 9.8 | epss 0.01

    A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.0.28 and earlier) allows a malicious actor with UniFi Network Application Administrator credentials to escalate privileges to root on the host…

  • CVE-2023-38034 | Critical | Aug 10, 2023
    risk 0.64 | cvss 9.8 | epss 0.01

    A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.53 and earlier) All UniFi Switches…

  • CVE-2023-35085 | Critical | Aug 10, 2023
    risk 0.64 | cvss 9.8 | epss 0.01

    An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.50 and earlier) All…