Vulnerabilities
Vulnerable Software
Ui:  >> Unifi Protect  >> 1.19.2  Security Vulnerabilities
A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device.
CVSS Score
8.8
EPSS Score
0.002
Published
2026-07-02
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication in certain UniFi Protect Application API endpoints.
CVSS Score
8.6
EPSS Score
0.003
Published
2026-07-02
A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application (Version 6.1.79 and earlier). Affected Products: UniFi Protect Application (Version 6.1.79 and earlier). Mitigation: Update your UniFi Protect Application to Version 6.2.72 or later.
CVSS Score
8.8
EPSS Score
0.004
Published
2026-01-05
A malicious actor with access to the adjacent network could overflow the UniFi Protect Application (Version 6.1.79 and earlier) discovery protocol causing it to restart. Affected Products: UniFi Protect Application (Version 6.1.79 and earlier). Mitigation: Update your UniFi Protect Application to Version 6.2.72 or later.
CVSS Score
6.5
EPSS Score
0.003
Published
2026-01-05
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user’s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later.
CVSS Score
8.8
EPSS Score
0.009
Published
2021-11-24


Contact Us

Shodan ® - All rights reserved