CVE-2024-27981
04.04.2024, 23:15
A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.0.28 and earlier) allows a malicious actor with UniFi Network Application Administrator credentials to escalate privileges to root on the host device. Affected Products: UniFi Network Application (Version 8.0.28 and earlier) . Mitigation: Update UniFi Network Application to Version 8.1.113 or later.
| Vendor | Product | Version |
|---|---|---|
| ubiquiti | unifi_network_application | 𝑥 < 8.1.113 |
𝑥
= Vulnerable software versions