UniFi iOS App 10.15.0 Vulnerability: SSID Name and WiFi Password Change or Removal on 2nd Generation UniFi Access Points
CVE-2024-34786

Currently unrated

Key Information:

Vendor

Ubiquiti

Status
Unifi iOS App
Vendor
CVE Published:
9 July 2024

What is CVE-2024-34786?

UniFi iOS app 10.15.0 introduces a misconfiguration on 2nd Generation UniFi Access Points configured as standalone (not using UniFi Network Application) that could cause the SSID name to change and/or the WiFi Password to be removed on the 5GHz Radio.

This vulnerability is fixed in UniFi iOS app 10.15.2 and later.

Affected Version(s)

UniFi iOS App 10.15.2

References

https://community.ui.com/releases/Security-Advisory-Bulle...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.