Vulnerability Details CVE-2023-41721
Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176 and earlier, implement device adoption with improper access control logic, creating a risk of access to device configuration information by a malicious actor with preexisting access to the network.
Affected Products:
UDM
UDM-PRO
UDM-SE
UDR
UDW
Mitigation:
Update UniFi Network to Version 7.5.187 or later.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.1%
CVSS Severity
CVSS v3 Score 10.0
Products affected by CVE-2023-41721
- cpe:2.3:a:ui:unifi_network_application:-
- cpe:2.3:a:ui:unifi_network_application:6.2.23
- cpe:2.3:a:ui:unifi_network_application:6.2.25
- cpe:2.3:a:ui:unifi_network_application:6.2.26
- cpe:2.3:a:ui:unifi_network_application:6.4.54
- cpe:2.3:a:ui:unifi_network_application:6.5.51
- cpe:2.3:a:ui:unifi_network_application:6.5.52
- cpe:2.3:a:ui:unifi_network_application:6.5.53
- cpe:2.3:a:ui:unifi_network_application:6.5.54
- cpe:2.3:a:ui:unifi_network_application:6.5.55
- cpe:2.3:a:ui:unifi_network_application:7.0.20
- cpe:2.3:a:ui:unifi_network_application:7.0.21
- cpe:2.3:a:ui:unifi_network_application:7.0.22
- cpe:2.3:a:ui:unifi_network_application:7.0.23
- cpe:2.3:a:ui:unifi_network_application:7.0.25
- cpe:2.3:a:ui:unifi_network_application:7.1.61
- cpe:2.3:a:ui:unifi_network_application:7.1.65
- cpe:2.3:a:ui:unifi_network_application:7.1.66
- cpe:2.3:a:ui:unifi_network_application:7.1.67
- cpe:2.3:a:ui:unifi_network_application:7.1.68
- cpe:2.3:a:ui:unifi_network_application:7.2.91
- cpe:2.3:a:ui:unifi_network_application:7.2.92
- cpe:2.3:a:ui:unifi_network_application:7.2.93
- cpe:2.3:a:ui:unifi_network_application:7.2.94
- cpe:2.3:a:ui:unifi_network_application:7.2.95
- cpe:2.3:a:ui:unifi_network_application:7.2.97
- cpe:2.3:a:ui:unifi_network_application:7.3.76
- cpe:2.3:a:ui:unifi_network_application:7.3.81
- cpe:2.3:a:ui:unifi_network_application:7.3.83
- cpe:2.3:a:ui:unifi_network_application:7.4.156
- cpe:2.3:a:ui:unifi_network_application:7.4.162
- cpe:2.3:a:ui:unifi_network_application:7.5.172
- cpe:2.3:a:ui:unifi_network_application:7.5.174
- cpe:2.3:a:ui:unifi_network_application:7.5.176
- cpe:2.3:h:ui:unifi_dream_machine:-
- cpe:2.3:h:ui:unifi_dream_machine_pro:-
- cpe:2.3:h:ui:unifi_dream_machine_special_edition:-
- cpe:2.3:h:ui:unifi_dream_router:-
- cpe:2.3:h:ui:unifi_dream_wall:-