Improper Input Validation in EdgeMAX EdgeSwitch by Ubiquiti
CVE-2025-27211

7.5HIGH

Key Information:

Vendor

Ubiquiti Inc

Status
Edgemax Edgeswitch
Vendor
CVE Published:
4 August 2025

What is CVE-2025-27211?

An improper input validation vulnerability in the EdgeMAX EdgeSwitch allows a malicious actor to potentially exploit command injection vulnerabilities through crafted inputs. This issue affects EdgeSwitch devices on adjacent networks, enabling unauthorized access and commands that may compromise device integrity. Network administrators are urged to implement mitigations and update to secure versions to safeguard their environments from potential attacks.

Affected Version(s)

EdgeMAX EdgeSwitch 1.11.0

References

https://community.ui.com/releases/Security-Advisory-Bulle...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-27211 : Improper Input Validation in EdgeMAX EdgeSwitch by Ubiquiti