Improper Neutralization Vulnerability in UniFi Protect Cameras by Ubiquiti
CVE-2025-23119

7.5HIGH

Key Information:

Vendor: Ubiquiti Inc
Status: Unifi Protect Cameras
Vendor: CVE Published:; 1 March 2025

🔔 Create Ubiquiti Inc Vulnerability Alert

What is CVE-2025-23119?

An improper neutralization of escape sequences vulnerability has been discovered in UniFi Protect Cameras, enabling potential authentication bypasses and allowing malicious actors access to execute remote code. This flaw affects devices on adjacent networks, posing serious security risks for users. Proper measures should be taken to secure these devices against unauthorized access and exploitation.

Affected Version(s)

UniFi Protect Cameras 4.74.106

References

https://community.ui.com/releases/Security-Advisory-Bulle...

CVSS V3.0

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 1, 2025
Vulnerability Reserved
Jan 11, 2025