Description
A backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Attack Vector
- network
- Complexity
- low
- Privileges
- high
- User Action
- none
- Scope
- changed
- Confidentiality
- high
- Integrity
- high
- Availability
- high
- Weaknesses
- CWE-77
Metadata
- Primary Vendor
- UI
- Published
- 7/1/2023
- Last Modified
- 12/12/2024
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
ui : unifi_network_application
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.