Vulnerabilities
Vulnerable Software
Security Vulnerabilities
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi Network Application to execute a Denial of Service (DoS) attack on the application.
CVSS Score
7.5
EPSS Score
0.003
Published
2026-07-02
A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device.
CVSS Score
8.7
EPSS Score
0.003
Published
2026-07-02
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication in certain UniFi Protect Application API endpoints.
CVSS Score
8.6
EPSS Score
0.003
Published
2026-07-02
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming.
CVSS Score
8.6
EPSS Score
0.003
Published
2026-07-02
A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in UniFi Protect Application to bypass authentication in UniFi Protect Cameras.
CVSS Score
7.5
EPSS Score
0.003
Published
2026-07-02
A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing (CORS) misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-07-02
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Protect Floodlight devices to access files on the UniFi Protect Floodlight.
CVSS Score
7.5
EPSS Score
0.003
Published
2026-07-02
A malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi Access Application to escalate privileges on the host device.
CVSS Score
9.1
EPSS Score
0.003
Published
2026-07-02
A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (SSRF) to escalate privileges within such UniFi OS devices or instances.
CVSS Score
7.7
EPSS Score
0.002
Published
2026-07-02
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device.
CVSS Score
9.9
EPSS Score
0.009
Published
2026-07-02


Contact Us

Shodan ® - All rights reserved