CVE-2025-23116 Unifi — Exploit & Vulnerability Details CRITICAL

CVE-2025-23116

CRITICAL CVSS 3.0: 9.6 EPSS 0.06%

Parameter	Value
CVSS	9.6 (CRITICAL)
Type	CWE-287 (Improper Authentication)
Vendor	Unifi
Public PoC	No

An Authentication Bypass vulnerability on UniFi Protect Application with Auto-Adopt Bridge Devices enabled could allow a malicious actor with access to UniFi Protect Cameras adjacent network to take control of UniFi Protect Cameras.

Attack Parameters

Attack Vector

Adjacent

Requires local network access

Attack Complexity

Low

Easy to exploit

Privileges Required

None

No privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.0

Weakness Type (CWE)

CWE-287 Improper Authentication

References 1

https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-9…

support@hackerone.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-22558

Unifi

7.7

CVE-2026-22557

Unifi

10.0

CVE-2025-23119

Unifi

7.5

CVE-2025-23118

Unifi

6.4

CVE-2025-23117

Unifi

6.8

Menu

CVE-2025-23116

Attack Parameters

Impact Assessment

CVSS Vector v3.0

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-22558

CVE-2026-22557

CVE-2025-23119

CVE-2025-23118

CVE-2025-23117

CVE Details

Editor's Choice

Menu

CVE-2025-23116

Attack Parameters

Impact Assessment

CVSS Vector v3.0

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-22558

CVE-2026-22557

CVE-2025-23119

CVE-2025-23118

CVE-2025-23117

CVE Details

Editor's Choice

Stay informed on cybersecurity