Unifi Network Application

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-13	CVE-2024-42025	Command Injection vulnerability in UI Unifi Network Application A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device. local low complexity ui CWE-77	7.8
2023-10-25	CVE-2023-41721	Unspecified vulnerability in UI Unifi Network Application Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176. network low complexity ui	5.3
2023-07-08	CVE-2023-32000	Cross-site Scripting vulnerability in UI Unifi Network Application A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page. network low complexity ui CWE-79	4.8