CVE-2025-23117 Unifi — Exploit & Vulnerability Details MEDIUM

CVE-2025-23117

MEDIUM CVSS 3.1: 6.8 EPSS 0.02%

Parameter	Value
CVSS	6.8 (MEDIUM)
Type	CWE-346 (Origin Validation Error)
Vendor	Unifi
Public PoC	No

An Insufficient Firmware Update Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system.

Attack Parameters

Attack Vector

Adjacent

Requires local network access

Attack Complexity

Low

Easy to exploit

Privileges Required

High

Admin privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-346 Origin Validation Error

References 1

https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-9…

support@hackerone.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-22558

Unifi

7.7

CVE-2026-22557

Unifi

10.0

CVE-2025-23119

Unifi

7.5

CVE-2025-23118

Unifi

6.4

CVE-2025-23116

Unifi

9.6

Menu

CVE-2025-23117

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-22558

CVE-2026-22557

CVE-2025-23119

CVE-2025-23118

CVE-2025-23116

CVE Details

Editor's Choice

Menu

CVE-2025-23117

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-22558

CVE-2026-22557

CVE-2025-23119

CVE-2025-23118

CVE-2025-23116

CVE Details

Editor's Choice

Stay informed on cybersecurity