Security Advisory

CVE-2024-42025

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-09-13 15:47:19
Last updated 2024-09-28 17:44:02
Assigner hackerone
State PUBLISHED

Description

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device.