Vulnerabilities (CVE)

Filtered by vendor Ui Subscribe
Filtered by product U6-extender
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-38034 1 Ui 47 U6-enterprise, U6-enterprise-iw, U6-extender and 44 more 2024-11-21 N/A 9.8 CRITICAL
A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.53 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update UniFi Switches to Version 6.5.59 or later.
CVE-2023-35085 1 Ui 47 U6-enterprise, U6-enterprise-iw, U6-extender and 44 more 2024-11-21 N/A 9.8 CRITICAL
An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.50 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update the UniFi Switches to Version 6.5.59 or later.