Ubiquiti Inc Unifi Protect Cameras vulnerabilities
5 known vulnerabilities affecting ubiquiti_inc/unifi_protect_cameras.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-23123P2CRITICALCVSS 10.0≥ 4.75.62, < 4.75.622025-05-19
CVE-2025-23123 [CRITICAL] CWE-122 CVE-2025-23123: A malicious actor with access to the management network could execute a remote code execution (RCE)
A malicious actor with access to the management network could execute a remote code execution (RCE) by exploiting a heap buffer overflow vulnerability in the UniFi Protect Cameras (Version 4.75.43 and earlier) firmware.
nvd
CVE-2025-23115P2CRITICALCVSS 9.0≥ 4.74.106, < 4.74.1062025-03-01
CVE-2025-23115 [CRITICAL] CWE-416 CVE-2025-23115: A Use After Free vulnerability on UniFi Protect Cameras could allow a Remote Code Execution (RCE) by
A Use After Free vulnerability on UniFi Protect Cameras could allow a Remote Code Execution (RCE) by a malicious actor with access to UniFi Protect Cameras management network.
nvd
CVE-2025-23119P3HIGHCVSS 7.5≥ 4.74.106, < 4.74.1062025-03-01
CVE-2025-23119 [HIGH] CWE-77 CVE-2025-23119: An Improper Neutralization of Escape Sequences vulnerability could allow an Authentication Bypass wi
An Improper Neutralization of Escape Sequences vulnerability could allow an Authentication Bypass with a Remote Code Execution (RCE) by a malicious actor with access to UniFi Protect Cameras adjacent network.
nvd
CVE-2025-23117P4MEDIUMCVSS 6.8≥ 4.74.106, < 4.74.1062025-03-01
CVE-2025-23117 [MEDIUM] CWE-346 CVE-2025-23117: An Insufficient Firmware Update Validation vulnerability could allow an authenticated malicious acto
An Insufficient Firmware Update Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system.
nvd
CVE-2025-23118P4MEDIUMCVSS 6.4≥ 4.74.106, < 4.74.1062025-03-01
CVE-2025-23118 [MEDIUM] CWE-295 CVE-2025-23118: An Improper Certificate Validation vulnerability could allow an authenticated malicious actor with a
An Improper Certificate Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system.
nvd