Vulnerabilities > UI > Unifi Network Application > 7.5.176

DATE CVE VULNERABILITY TITLE RISK
2024-09-13 CVE-2024-42025 Command Injection vulnerability in UI Unifi Network Application
A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device.
local
low complexity
ui CWE-77
7.8
7.8
2023-10-25 CVE-2023-41721 Unspecified vulnerability in UI Unifi Network Application
Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176.
network
low complexity
ui
5.3
5.3