CVE-2024-22054

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions UniFi Access Points versions prior to 6.6.55 UniFi Switches versions prior to 6.6.61 UniFi LTE Backup versions prior to 6.6.57 UniFi Express versions prior to 3.2.5

Description A malformed discovery packet sent by a malicious actor with preexisting access to the network could interrupt the functionality of device management and discovery.

Recommendations Update UniFi Access Points to Version 6.6.55 or later. Update UniFi Switches to Version 6.6.61 or later. Update UniFi LTE Backup to Version 6.6.57 or later. Update UniFi Express to Version 3.2.5 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2024-22054

Affected Products

Unifi Access Points

Unifi Express

Unifi Lte Backup

Unifi Switches

CVE-2024-22054

Weakness Enumeration

Related Identifiers

Affected Products

References · 6