Search criteria
12 vulnerabilities found for unifi_protect by ui
CVE-2026-21634 (GCVE-0-2026-21634)
Vulnerability from nvd – Published: 2026-01-05 16:47 – Updated: 2026-01-05 20:42
VLAI?
Summary
A malicious actor with access to the adjacent network could overflow the UniFi Protect Application (Version 6.1.79 and earlier) discovery protocol causing it to restart.
Affected Products:
UniFi Protect Application (Version 6.1.79 and earlier).
Mitigation:
Update your UniFi Protect Application to Version 6.2.72 or later.
Severity ?
6.5 (Medium)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ubiquiti Inc | UniFi Protect Application |
Affected:
6.1.79 , < 6.2.72
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21634",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-05T20:42:03.431328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T20:42:08.706Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Protect Application",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "6.2.72",
"status": "affected",
"version": "6.1.79",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the adjacent network could overflow the UniFi Protect Application (Version 6.1.79 and earlier) discovery protocol causing it to restart.\r\n\r\n\r\nAffected Products:\r\nUniFi Protect Application (Version 6.1.79 and earlier). \r\n \r\nMitigation:\r\nUpdate your UniFi Protect Application to Version 6.2.72 or later."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T16:47:38.917Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-058-058/6922ff20-8cd7-4724-8d8c-676458a2d0f9"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-21634",
"datePublished": "2026-01-05T16:47:38.917Z",
"dateReserved": "2026-01-01T15:00:02.338Z",
"dateUpdated": "2026-01-05T20:42:08.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21633 (GCVE-0-2026-21633)
Vulnerability from nvd – Published: 2026-01-05 16:47 – Updated: 2026-01-05 21:03
VLAI?
Summary
A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application (Version 6.1.79 and earlier).
Affected Products:
UniFi Protect Application (Version 6.1.79 and earlier).
Mitigation:
Update your UniFi Protect Application to Version 6.2.72 or later.
Severity ?
8.8 (High)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ubiquiti Inc | UniFi Protect Application |
Affected:
6.1.79 , < 6.2.72
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-05T21:03:35.276072Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T21:03:40.183Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Protect Application",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "6.2.72",
"status": "affected",
"version": "6.1.79",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application (Version 6.1.79 and earlier).\r\n\r\n \r\n\r\nAffected Products:\r\n\r\nUniFi Protect Application (Version 6.1.79 and earlier).\r\n\r\n \r\n\r\nMitigation:\r\n\r\nUpdate your UniFi Protect Application to Version 6.2.72 or later."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T16:47:38.510Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-058-058/6922ff20-8cd7-4724-8d8c-676458a2d0f9"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-21633",
"datePublished": "2026-01-05T16:47:38.510Z",
"dateReserved": "2026-01-01T15:00:02.338Z",
"dateUpdated": "2026-01-05T21:03:40.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-22957 (GCVE-0-2021-22957)
Vulnerability from nvd – Published: 2021-11-24 18:49 – Updated: 2024-08-03 18:58
VLAI?
Summary
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user’s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later.
Severity ?
No CVSS data available.
CWE
- CWE-16 - Misconfiguration (CWE-16)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | UniFi Protect application |
Affected:
Fixed in 1.20.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:26.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-021-021/62bd8841-6603-4fee-9dba-73037148f173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UniFi Protect application",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 1.20.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user\u2019s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-16",
"description": "Misconfiguration (CWE-16)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-24T18:49:30",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-021-021/62bd8841-6603-4fee-9dba-73037148f173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22957",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UniFi Protect application",
"version": {
"version_data": [
{
"version_value": "Fixed in 1.20.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user\u2019s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Misconfiguration (CWE-16)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-021-021/62bd8841-6603-4fee-9dba-73037148f173",
"refsource": "MISC",
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-021-021/62bd8841-6603-4fee-9dba-73037148f173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22957",
"datePublished": "2021-11-24T18:49:30",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:26.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22944 (GCVE-0-2021-22944)
Vulnerability from nvd – Published: 2021-08-31 16:53 – Updated: 2024-08-03 18:58
VLAI?
Summary
A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation (CAPEC-233)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | UniFi Protect application |
Affected:
Fixed on 1.19.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:26.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UniFi Protect application",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed on 1.19.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation (CAPEC-233)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-31T16:53:08",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22944",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UniFi Protect application",
"version": {
"version_data": [
{
"version_value": "Fixed on 1.19.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation (CAPEC-233)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f",
"refsource": "MISC",
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22944",
"datePublished": "2021-08-31T16:53:08",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:26.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22943 (GCVE-0-2021-22943)
Vulnerability from nvd – Published: 2021-08-31 16:53 – Updated: 2024-08-03 18:58
VLAI?
Summary
A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.
Severity ?
No CVSS data available.
CWE
- CWE-287 - Improper Authentication - Generic (CWE-287)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | UniFi Protect application |
Affected:
Fixed on 1.19.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:25.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UniFi Protect application",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed on 1.19.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication - Generic (CWE-287)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-31T16:53:19",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UniFi Protect application",
"version": {
"version_data": [
{
"version_value": "Fixed on 1.19.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication - Generic (CWE-287)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f",
"refsource": "MISC",
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22943",
"datePublished": "2021-08-31T16:53:19",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:25.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8213 (GCVE-0-2020-8213)
Vulnerability from nvd – Published: 2020-07-30 12:53 – Updated: 2024-08-04 09:56
VLAI?
Summary
An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing.
Severity ?
No CVSS data available.
CWE
- CWE-209 - Information Exposure Through an Error Message (CWE-209)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| UniFi | Protect for UniFi Cloud Key Gen2 Plus |
Affected:
Fixed in v1.13.4-beta.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:27.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-advisory-bulletin-013-013/56d4d616-4afd-40ee-863f-319b7126ed84"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Protect for UniFi Cloud Key Gen2 Plus",
"vendor": "UniFi",
"versions": [
{
"status": "affected",
"version": "Fixed in v1.13.4-beta.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "Information Exposure Through an Error Message (CWE-209)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-31T18:15:26",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/Security-advisory-bulletin-013-013/56d4d616-4afd-40ee-863f-319b7126ed84"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2020-8213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Protect for UniFi Cloud Key Gen2 Plus",
"version": {
"version_data": [
{
"version_value": "Fixed in v1.13.4-beta.5"
}
]
}
}
]
},
"vendor_name": "UniFi"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure Through an Error Message (CWE-209)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/Security-advisory-bulletin-013-013/56d4d616-4afd-40ee-863f-319b7126ed84",
"refsource": "MISC",
"url": "https://community.ui.com/releases/Security-advisory-bulletin-013-013/56d4d616-4afd-40ee-863f-319b7126ed84"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8213",
"datePublished": "2020-07-30T12:53:02",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:27.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-21634 (GCVE-0-2026-21634)
Vulnerability from cvelistv5 – Published: 2026-01-05 16:47 – Updated: 2026-01-05 20:42
VLAI?
Summary
A malicious actor with access to the adjacent network could overflow the UniFi Protect Application (Version 6.1.79 and earlier) discovery protocol causing it to restart.
Affected Products:
UniFi Protect Application (Version 6.1.79 and earlier).
Mitigation:
Update your UniFi Protect Application to Version 6.2.72 or later.
Severity ?
6.5 (Medium)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ubiquiti Inc | UniFi Protect Application |
Affected:
6.1.79 , < 6.2.72
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21634",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-05T20:42:03.431328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T20:42:08.706Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Protect Application",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "6.2.72",
"status": "affected",
"version": "6.1.79",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the adjacent network could overflow the UniFi Protect Application (Version 6.1.79 and earlier) discovery protocol causing it to restart.\r\n\r\n\r\nAffected Products:\r\nUniFi Protect Application (Version 6.1.79 and earlier). \r\n \r\nMitigation:\r\nUpdate your UniFi Protect Application to Version 6.2.72 or later."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T16:47:38.917Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-058-058/6922ff20-8cd7-4724-8d8c-676458a2d0f9"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-21634",
"datePublished": "2026-01-05T16:47:38.917Z",
"dateReserved": "2026-01-01T15:00:02.338Z",
"dateUpdated": "2026-01-05T20:42:08.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21633 (GCVE-0-2026-21633)
Vulnerability from cvelistv5 – Published: 2026-01-05 16:47 – Updated: 2026-01-05 21:03
VLAI?
Summary
A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application (Version 6.1.79 and earlier).
Affected Products:
UniFi Protect Application (Version 6.1.79 and earlier).
Mitigation:
Update your UniFi Protect Application to Version 6.2.72 or later.
Severity ?
8.8 (High)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ubiquiti Inc | UniFi Protect Application |
Affected:
6.1.79 , < 6.2.72
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-05T21:03:35.276072Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T21:03:40.183Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Protect Application",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "6.2.72",
"status": "affected",
"version": "6.1.79",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application (Version 6.1.79 and earlier).\r\n\r\n \r\n\r\nAffected Products:\r\n\r\nUniFi Protect Application (Version 6.1.79 and earlier).\r\n\r\n \r\n\r\nMitigation:\r\n\r\nUpdate your UniFi Protect Application to Version 6.2.72 or later."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T16:47:38.510Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-058-058/6922ff20-8cd7-4724-8d8c-676458a2d0f9"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-21633",
"datePublished": "2026-01-05T16:47:38.510Z",
"dateReserved": "2026-01-01T15:00:02.338Z",
"dateUpdated": "2026-01-05T21:03:40.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-22957 (GCVE-0-2021-22957)
Vulnerability from cvelistv5 – Published: 2021-11-24 18:49 – Updated: 2024-08-03 18:58
VLAI?
Summary
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user’s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later.
Severity ?
No CVSS data available.
CWE
- CWE-16 - Misconfiguration (CWE-16)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | UniFi Protect application |
Affected:
Fixed in 1.20.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:26.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-021-021/62bd8841-6603-4fee-9dba-73037148f173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UniFi Protect application",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 1.20.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user\u2019s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-16",
"description": "Misconfiguration (CWE-16)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-24T18:49:30",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-021-021/62bd8841-6603-4fee-9dba-73037148f173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22957",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UniFi Protect application",
"version": {
"version_data": [
{
"version_value": "Fixed in 1.20.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user\u2019s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Misconfiguration (CWE-16)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-021-021/62bd8841-6603-4fee-9dba-73037148f173",
"refsource": "MISC",
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-021-021/62bd8841-6603-4fee-9dba-73037148f173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22957",
"datePublished": "2021-11-24T18:49:30",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:26.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22943 (GCVE-0-2021-22943)
Vulnerability from cvelistv5 – Published: 2021-08-31 16:53 – Updated: 2024-08-03 18:58
VLAI?
Summary
A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.
Severity ?
No CVSS data available.
CWE
- CWE-287 - Improper Authentication - Generic (CWE-287)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | UniFi Protect application |
Affected:
Fixed on 1.19.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:25.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UniFi Protect application",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed on 1.19.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication - Generic (CWE-287)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-31T16:53:19",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UniFi Protect application",
"version": {
"version_data": [
{
"version_value": "Fixed on 1.19.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication - Generic (CWE-287)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f",
"refsource": "MISC",
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22943",
"datePublished": "2021-08-31T16:53:19",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:25.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22944 (GCVE-0-2021-22944)
Vulnerability from cvelistv5 – Published: 2021-08-31 16:53 – Updated: 2024-08-03 18:58
VLAI?
Summary
A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation (CAPEC-233)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | UniFi Protect application |
Affected:
Fixed on 1.19.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:26.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UniFi Protect application",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed on 1.19.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation (CAPEC-233)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-31T16:53:08",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22944",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UniFi Protect application",
"version": {
"version_data": [
{
"version_value": "Fixed on 1.19.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation (CAPEC-233)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f",
"refsource": "MISC",
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22944",
"datePublished": "2021-08-31T16:53:08",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:26.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8213 (GCVE-0-2020-8213)
Vulnerability from cvelistv5 – Published: 2020-07-30 12:53 – Updated: 2024-08-04 09:56
VLAI?
Summary
An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing.
Severity ?
No CVSS data available.
CWE
- CWE-209 - Information Exposure Through an Error Message (CWE-209)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| UniFi | Protect for UniFi Cloud Key Gen2 Plus |
Affected:
Fixed in v1.13.4-beta.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:27.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-advisory-bulletin-013-013/56d4d616-4afd-40ee-863f-319b7126ed84"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Protect for UniFi Cloud Key Gen2 Plus",
"vendor": "UniFi",
"versions": [
{
"status": "affected",
"version": "Fixed in v1.13.4-beta.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "Information Exposure Through an Error Message (CWE-209)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-31T18:15:26",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/Security-advisory-bulletin-013-013/56d4d616-4afd-40ee-863f-319b7126ed84"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2020-8213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Protect for UniFi Cloud Key Gen2 Plus",
"version": {
"version_data": [
{
"version_value": "Fixed in v1.13.4-beta.5"
}
]
}
}
]
},
"vendor_name": "UniFi"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure Through an Error Message (CWE-209)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/Security-advisory-bulletin-013-013/56d4d616-4afd-40ee-863f-319b7126ed84",
"refsource": "MISC",
"url": "https://community.ui.com/releases/Security-advisory-bulletin-013-013/56d4d616-4afd-40ee-863f-319b7126ed84"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8213",
"datePublished": "2020-07-30T12:53:02",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:27.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}