Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-35085 PoC — Ubiquiti UniFi 输入验证错误漏洞

Source
https://github.com/maoruiQa/CVE-2023-35085-POC-EXP
Associated Vulnerability
Title:Ubiquiti UniFi 输入验证错误漏洞 (CVE-2023-35085)
Description:An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.50 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update the UniFi Switches to Version 6.5.59 or later.
Description
POC and EXP for CVE-2023-35085
Readme
PS: All the scripts are achieved by Gemini 2.5 pro and CLaude 3.7. It may doesn't work well, because I don't know how to use the api "/mifs/rest/api/v2/command/exec", the same as the AIs, who pretented that they know it very well.
File Snapshot

 [4.0K]  /data/pocs/2b2d4d4b0d3cb9307db8cded558c1835d3204128
├── [ 12K]  EXP_reverse_shell-CVE-2023-35085.py
├── [ 14K]  EXP_webshell-CVE-2023-35085.py
├── [3.8K]  POC-CVE-2023-35085.py
└── [ 231]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →