Affected Products:
UniFi Access Reader Pro (Version 2.14.21 and earlier)
UniFi Access G2 Reader Pro (Version 1.10.32 and earlier)
UniFi Access G3 Reader Pro (Version 1.10.30 and earlier)
UniFi Access Intercom (Version 1.7.28 and earlier)
UniFi Access G3 Intercom (Version 1.7.29 and earlier)
UniFi Access Intercom Viewer (Version 1.3.20 and earlier)
Mitigation:
Update UniFi Access Reader Pro Version 2.15.9 or later
Update UniFi Access G2 Reader Pro Version 1.11.23 or later
Update UniFi Access G3 Reader Pro Version 1.11.22 or later
Update UniFi Access Intercom Version 1.8.22 or later
Update UniFi Access G3 Intercom Version 1.8.22 or later
Update UniFi Access Intercom Viewer Version 1.4.39 or later
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Ubiquiti |
|
| Ui |
|
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|---|
| Ubiquiti |
|
| Ui |
|
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-23556 | An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a malicious actor with access to UniFi Access management network. Affected Products: UniFi Access Reader Pro (Version 2.14.21 and earlier) UniFi Access G2 Reader Pro (Version 1.10.32 and earlier) UniFi Access G3 Reader Pro (Version 1.10.30 and earlier) UniFi Access Intercom (Version 1.7.28 and earlier) UniFi Access G3 Intercom (Version 1.7.29 and earlier) UniFi Access Intercom Viewer (Version 1.3.20 and earlier) Mitigation: Update UniFi Access Reader Pro Version 2.15.9 or later Update UniFi Access G2 Reader Pro Version 1.11.23 or later Update UniFi Access G3 Reader Pro Version 1.11.22 or later Update UniFi Access Intercom Version 1.8.22 or later Update UniFi Access G3 Intercom Version 1.8.22 or later Update UniFi Access Intercom Viewer Version 1.4.39 or later |
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Tue, 05 Aug 2025 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-20 CWE-77 |
|
| Metrics |
cvssV3_1
|
Tue, 05 Aug 2025 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Ubiquiti
Ubiquiti unifi Access Points Ubiquiti unifi Os Ui Ui intercom Ui unifi Access Points Ui unifi Os |
|
| Vendors & Products |
Ubiquiti
Ubiquiti unifi Access Points Ubiquiti unifi Os Ui Ui intercom Ui unifi Access Points Ui unifi Os |
Mon, 04 Aug 2025 22:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a malicious actor with access to UniFi Access management network. Affected Products: UniFi Access Reader Pro (Version 2.14.21 and earlier) UniFi Access G2 Reader Pro (Version 1.10.32 and earlier) UniFi Access G3 Reader Pro (Version 1.10.30 and earlier) UniFi Access Intercom (Version 1.7.28 and earlier) UniFi Access G3 Intercom (Version 1.7.29 and earlier) UniFi Access Intercom Viewer (Version 1.3.20 and earlier) Mitigation: Update UniFi Access Reader Pro Version 2.15.9 or later Update UniFi Access G2 Reader Pro Version 1.11.23 or later Update UniFi Access G3 Reader Pro Version 1.11.22 or later Update UniFi Access Intercom Version 1.8.22 or later Update UniFi Access G3 Intercom Version 1.8.22 or later Update UniFi Access Intercom Viewer Version 1.4.39 or later | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: hackerone
Published:
Updated: 2025-08-05T13:33:09.184Z
Reserved: 2025-02-20T01:00:01.799Z
Link: CVE-2025-27212
Vulnrichment
Updated: 2025-08-05T13:31:44.119Z
NVD
Status : Awaiting Analysis
Published: 2025-08-04T23:15:27.963
Modified: 2025-08-05T14:34:17.327
Link: CVE-2025-27212
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-08-05T11:38:52Z