Primary

Context

Ubiquiti UniFi Protect Cameras Authentication Bypass and Remote Code Execution Vulnerability

Vulnerability

A vulnerability allowing authentication bypass with subsequent remote code execution has been identified in Ubiquiti UniFi Protect Cameras running version 4.74.88 and earlier. This vulnerability arises from improper neutralization of escape sequences, and can be exploited by a malicious actor with access to the cameras' adjacent network.

Impact

Exploitation of this vulnerability could lead to unauthorized authentication and remote code execution on the affected camera system.

Remediation

Users are advised to update their UniFi Protect Cameras to version 4.74.106 or later.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ubiquiti UniFi Protect Cameras Authentication Bypass and Remote Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating