Improper Neutralization Vulnerability in UniFi Protect Cameras by Ubiquiti
CVE-2025-23119
7.5HIGH
Key Information:
- Vendor
- Ubiquiti Inc
- Status
- Unifi Protect Cameras
- Vendor
- CVE Published:
- 1 March 2025
Summary
An improper neutralization of escape sequences vulnerability has been discovered in UniFi Protect Cameras, enabling potential authentication bypasses and allowing malicious actors access to execute remote code. This flaw affects devices on adjacent networks, posing serious security risks for users. Proper measures should be taken to secure these devices against unauthorized access and exploitation.
Affected Version(s)
UniFi Protect Cameras 4.74.106
References
CVSS V3.0
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved