CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-42025

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.0%

CVSS Severity

CVSS v3 Score 7.8

References

https://community.ui.com/releases/Security-Advisory-Bulletin-042-042/c4f68b56-cdc4-4128-b2cb-5870209d1704

Products affected by CVE-2024-42025

Ui » Unifi Network Application » Version: N/A

cpe:2.3:a:ui:unifi_network_application:-
Ui » Unifi Network Application » Version: 6.2.23

cpe:2.3:a:ui:unifi_network_application:6.2.23
Ui » Unifi Network Application » Version: 6.2.25

cpe:2.3:a:ui:unifi_network_application:6.2.25
Ui » Unifi Network Application » Version: 6.2.26

cpe:2.3:a:ui:unifi_network_application:6.2.26
Ui » Unifi Network Application » Version: 6.4.54

cpe:2.3:a:ui:unifi_network_application:6.4.54
Ui » Unifi Network Application » Version: 6.5.51

cpe:2.3:a:ui:unifi_network_application:6.5.51
Ui » Unifi Network Application » Version: 6.5.52

cpe:2.3:a:ui:unifi_network_application:6.5.52
Ui » Unifi Network Application » Version: 6.5.53

cpe:2.3:a:ui:unifi_network_application:6.5.53
Ui » Unifi Network Application » Version: 6.5.54

cpe:2.3:a:ui:unifi_network_application:6.5.54
Ui » Unifi Network Application » Version: 6.5.55

cpe:2.3:a:ui:unifi_network_application:6.5.55
Ui » Unifi Network Application » Version: 7.0.20

cpe:2.3:a:ui:unifi_network_application:7.0.20
Ui » Unifi Network Application » Version: 7.0.21

cpe:2.3:a:ui:unifi_network_application:7.0.21
Ui » Unifi Network Application » Version: 7.0.22

cpe:2.3:a:ui:unifi_network_application:7.0.22
Ui » Unifi Network Application » Version: 7.0.23

cpe:2.3:a:ui:unifi_network_application:7.0.23
Ui » Unifi Network Application » Version: 7.0.25

cpe:2.3:a:ui:unifi_network_application:7.0.25
Ui » Unifi Network Application » Version: 7.1.61

cpe:2.3:a:ui:unifi_network_application:7.1.61
Ui » Unifi Network Application » Version: 7.1.65

cpe:2.3:a:ui:unifi_network_application:7.1.65
Ui » Unifi Network Application » Version: 7.1.66

cpe:2.3:a:ui:unifi_network_application:7.1.66
Ui » Unifi Network Application » Version: 7.1.67

cpe:2.3:a:ui:unifi_network_application:7.1.67
Ui » Unifi Network Application » Version: 7.1.68

cpe:2.3:a:ui:unifi_network_application:7.1.68
Ui » Unifi Network Application » Version: 7.2.91

cpe:2.3:a:ui:unifi_network_application:7.2.91
Ui » Unifi Network Application » Version: 7.2.92

cpe:2.3:a:ui:unifi_network_application:7.2.92
Ui » Unifi Network Application » Version: 7.2.93

cpe:2.3:a:ui:unifi_network_application:7.2.93
Ui » Unifi Network Application » Version: 7.2.94

cpe:2.3:a:ui:unifi_network_application:7.2.94
Ui » Unifi Network Application » Version: 7.2.95

cpe:2.3:a:ui:unifi_network_application:7.2.95
Ui » Unifi Network Application » Version: 7.2.97

cpe:2.3:a:ui:unifi_network_application:7.2.97
Ui » Unifi Network Application » Version: 7.3.76

cpe:2.3:a:ui:unifi_network_application:7.3.76
Ui » Unifi Network Application » Version: 7.3.81

cpe:2.3:a:ui:unifi_network_application:7.3.81
Ui » Unifi Network Application » Version: 7.3.83

cpe:2.3:a:ui:unifi_network_application:7.3.83
Ui » Unifi Network Application » Version: 7.4.156

cpe:2.3:a:ui:unifi_network_application:7.4.156
Ui » Unifi Network Application » Version: 7.4.162

cpe:2.3:a:ui:unifi_network_application:7.4.162
Ui » Unifi Network Application » Version: 7.5.172

cpe:2.3:a:ui:unifi_network_application:7.5.172
Ui » Unifi Network Application » Version: 7.5.174

cpe:2.3:a:ui:unifi_network_application:7.5.174
Ui » Unifi Network Application » Version: 7.5.176

cpe:2.3:a:ui:unifi_network_application:7.5.176
Ui » Unifi Network Application » Version: 7.5.187

cpe:2.3:a:ui:unifi_network_application:7.5.187
Ui » Unifi Network Application » Version: 8.0.24

cpe:2.3:a:ui:unifi_network_application:8.0.24
Ui » Unifi Network Application » Version: 8.0.26

cpe:2.3:a:ui:unifi_network_application:8.0.26
Ui » Unifi Network Application » Version: 8.0.28

cpe:2.3:a:ui:unifi_network_application:8.0.28
Ui » Unifi Network Application » Version: 8.0.7

cpe:2.3:a:ui:unifi_network_application:8.0.7
Ui » Unifi Network Application » Version: 8.1.113

cpe:2.3:a:ui:unifi_network_application:8.1.113
Ui » Unifi Network Application » Version: 8.1.127

cpe:2.3:a:ui:unifi_network_application:8.1.127
Ui » Unifi Network Application » Version: 8.2.93

cpe:2.3:a:ui:unifi_network_application:8.2.93
Ui » Unifi Network Application » Version: 8.3.32

cpe:2.3:a:ui:unifi_network_application:8.3.32

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-42025

Products

Pricing

Contact Us