Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Ubiquiti — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting Ubiquiti. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Ubiquiti develops networking and communications equipment for enterprises and service providers. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from default credentials and insufficient input validation. The company has experienced security incidents, including a 2015 breach where attackers accessed customer data through compromised credentials. Despite these issues, Ubiquiti devices remain widely deployed due to their cost-effectiveness. Security researchers continue to identify vulnerabilities in their products, with 18 CVEs currently documented, highlighting ongoing concerns about secure configuration and patch management practices in their ecosystem.

Top products by Ubiquiti: EdgeRouter X UniFi Network Application UniFi iOS App UniFi Network Controller EdgeRouter UniFi U6+ Access Point
CVE IDTitleCVSSSeverityPublished
CVE-2019-25652 UniFi Network Controller Improper Certificate Validation Leading to Credential Theft via MITM — UniFi Network ControllerCWE-295 7.5 High2026-03-27
CVE-2019-25651 Ubiquiti UniFi Devices Use of AES-CBC Allows Key Recovery and Unauthorized Device Control — UniFi Network ControllerCWE-327 8.3 High2026-03-27
CVE-2024-45205 Ubiquiti UniFi iOS 安全漏洞 — UniFi iOS App 8.8 -2024-12-04
CVE-2024-37380 Ubiquiti UniFi U6+ Access Point 安全漏洞 — UniFi U6+ Access Point 4.3AIMediumAI2024-07-22
CVE-2024-34786 Ubiquiti UniFi 安全漏洞 — UniFi iOS App 8.1AIHighAI2024-07-09
CVE-2023-41721 Ubiquiti UniFi Network 安全漏洞 — UniFi Network Application 4.3 -2023-10-25
CVE-2023-31998 Ubiquiti EdgeRouters 缓冲区错误漏洞 — EdgeRouter 7.5 -2023-07-18
CVE-2023-32000 Ubiquiti UniFi Network 跨站脚本漏洞 — UniFi Network Application 6.9 -2023-07-07
CVE-2023-2379 Ubiquiti EdgeRouter X Web Service denial of service — EdgeRouter XCWE-404 7.5 High2023-04-28
CVE-2023-2378 Ubiquiti EdgeRouter X Web Management Interface command injection — EdgeRouter XCWE-77 6.3 Medium2023-04-28
CVE-2023-2377 Ubiquiti EdgeRouter X Web Management Interface command injection — EdgeRouter XCWE-77 6.3 Medium2023-04-28
CVE-2023-2376 Ubiquiti EdgeRouter X Web Management Interface command injection — EdgeRouter XCWE-77 6.3 Medium2023-04-28
CVE-2023-2375 Ubiquiti EdgeRouter X Web Management Interface command injection — EdgeRouter XCWE-77 6.3 Medium2023-04-28
CVE-2023-2374 Ubiquiti EdgeRouter X Web Management Interface command injection — EdgeRouter XCWE-77 6.3 Medium2023-04-28
CVE-2023-2373 Ubiquiti EdgeRouter X Web Management Interface command injection — EdgeRouter XCWE-77 6.3 Medium2023-04-28
CVE-2023-1458 Ubiquiti EdgeRouter 命令注入漏洞 — EdgeRouter XCWE-77 7.2 High2023-03-25
CVE-2023-1457 Ubiquiti EdgeRouter 命令注入漏洞 — EdgeRouter XCWE-77 7.2 High2023-03-25
CVE-2023-1456 Ubiquiti EdgeRouter 命令注入漏洞 — EdgeRouter XCWE-77 7.2 High2023-03-25

This page lists every published CVE security advisory associated with Ubiquiti. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.