Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38034 | 1 Ui | 47 U6-enterprise, U6-enterprise-iw, U6-extender and 44 more | 2024-02-05 | N/A | 9.8 CRITICAL |
| A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.53 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update UniFi Switches to Version 6.5.59 or later. | |||||
| CVE-2023-35085 | 1 Ui | 47 U6-enterprise, U6-enterprise-iw, U6-extender and 44 more | 2024-02-05 | N/A | 9.8 CRITICAL |
| An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.50 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update the UniFi Switches to Version 6.5.59 or later. | |||||
| CVE-2021-44527 | 1 Ui | 1 Unifi Switch Firmware | 2024-02-04 | 6.1 MEDIUM | 6.5 MEDIUM |
| A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious actor who has already gained access to the network to perform a Deny of Service (DoS) attack on the affected switch.This vulnerability is fixed in UniFi Switch firmware 5.76.6 and later. | |||||