Close Menu

    CVE-2025-27212 – Ubiquiti UniFi Access Command Injection Vulnerability

    CVE ID : CVE-2025-27212

    Published : Aug. 4, 2025, 11:15 p.m. | 28 minutes ago

    Description : An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a malicious actor with access to UniFi Access management network.

    Affected Products:
    UniFi Access Reader Pro (Version 2.14.21 and earlier)
    UniFi Access G2 Reader Pro (Version 1.10.32 and earlier)
    UniFi Access G3 Reader Pro (Version 1.10.30 and earlier)
    UniFi Access Intercom (Version 1.7.28 and earlier)
    UniFi Access G3 Intercom (Version 1.7.29 and earlier)
    UniFi Access Intercom Viewer (Version 1.3.20 and earlier)

    Mitigation:
    Update UniFi Access Reader Pro Version 2.15.9 or later
    Update UniFi Access G2 Reader Pro Version 1.11.23 or later
    Update UniFi Access G3 Reader Pro Version 1.11.22 or later
    Update UniFi Access Intercom Version 1.8.22 or later
    Update UniFi Access G3 Intercom Version 1.8.22 or later
    Update UniFi Access Intercom Viewer Version 1.4.39 or later

    Severity: 0.0 | NA

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    Source: Read More

    Related Posts

    Leave A Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.