Improper Neutralization Vulnerability in UniFi Protect Cameras by Ubiquiti
CVE-2025-23119

7.5HIGH

Key Information:

Vendor
Ubiquiti Inc
Status
Unifi Protect Cameras
Vendor
CVE Published:
1 March 2025

Summary

An improper neutralization of escape sequences vulnerability has been discovered in UniFi Protect Cameras, enabling potential authentication bypasses and allowing malicious actors access to execute remote code. This flaw affects devices on adjacent networks, posing serious security risks for users. Proper measures should be taken to secure these devices against unauthorized access and exploitation.

Affected Version(s)

UniFi Protect Cameras 4.74.106

References

CVSS V3.0

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.