CVE Tools

ubiquiti

Networking Infrastructurecommercial

7

Cumulative CVEs

1

Monthly snapshots

#96

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting ubiquiti.

CVE-2019-25652UniFi Network Controller Improper Certificate Validation Leading to Credential Theft via MITM7.5Mar 27, 2026
CVE-2019-25651Ubiquiti UniFi Devices Use of AES-CBC Allows Key Recovery and Unauthorized Device Control8.3Mar 27, 2026
CVE-2024-45205An Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point (not using UniFi Network Application) could allow a malicious actor with access to an adjacent netwo...7.1Dec 4, 2024
CVE-2024-37380A misconfiguration on UniFi U6+ Access Point could cause an incorrect VLAN traffic forwarding to APs meshed to UniFi U6+ Access Point. Affected Products: UniFi U6+ Access Point (Version 6.6.65 an...5.3Jul 22, 2024
CVE-2024-34786UniFi iOS app 10.15.0 introduces a misconfiguration on 2nd Generation UniFi Access Points configured as standalone (not using UniFi Network Application) that could cause the SSID name to change and...4.8Jul 9, 2024
CVE-2023-41721Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176. and earlier, implement device adoption with improper access control logic, creatin...5.3Oct 25, 2023
CVE-2023-31998A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices.7.5Jul 18, 2023
CVE-2023-32000A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an A...4.8Jul 7, 2023
CVE-2023-2379Ubiquiti EdgeRouter X Web Service denial of service7.5Apr 28, 2023
CVE-2023-2378Ubiquiti EdgeRouter X Web Management Interface command injection6.3Apr 28, 2023
CVE-2023-2377Ubiquiti EdgeRouter X Web Management Interface command injection6.3Apr 28, 2023
CVE-2023-2376Ubiquiti EdgeRouter X Web Management Interface command injection6.3Apr 28, 2023
CVE-2023-2375Ubiquiti EdgeRouter X Web Management Interface command injection6.3Apr 28, 2023
CVE-2023-2374Ubiquiti EdgeRouter X Web Management Interface command injection6.3Apr 28, 2023
CVE-2023-2373Ubiquiti EdgeRouter X Web Management Interface command injection6.3Apr 28, 2023