UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks

The vulnerabilities, discovered during the 2025 Pwn2Own Toronto hacking competition and disclosed through Trend Micro’s Zero Day Initiative (ZDI), affect both camera firmware and the management application, with the most severe allowing complete device takeover through network-adjacent attacks. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. Improper validation of Let’s Encrypt certificates in the UniFi Protect web interface (nginx 1.25.3) allowed MITM attacks.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 24 Feb 2025 06:20:13 +0000

Cyber News related to UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks

CVE-2024-29206 - An Improper Access Control could allow a malicious actor authenticated in the API to enable Android Debug Bridge (ADB) and make unsupported changes to the system. ...
1 year ago

Ubiquiti UniFi Devices Vulnerability Allows Attackers to Inject Malicious Commands - According to the official Security advisory, the vulnerability allows malicious actors who have gained access to the UniFi Access management network to inject and execute arbitrary commands on affected devices. A critical security vulnerability ...
1 week ago Cybersecuritynews.com CVE-2025-27212

CVE-2024-29207 - An Improper Certificate Validation could allow a malicious actor with access to an adjacent network to take control of the system. ...
1 year ago

CVE-2020-8267 - A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using “x-token” improperly, allowing attackers to use the API to send authenticated messages without a valid ...
4 years ago

CVE-2024-29208 - An Unverified Password Change could allow a malicious actor with API access to the device to change the system password without knowing the previous password. ...
1 year ago

CVE-2024-22054 - A malformed discovery packet sent by a malicious actor with preexisting access to the network could interrupt the functionality of device management and discovery. ...
1 year ago

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com

CVE-2024-45205 - An Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point (not using UniFi Network Application) could allow a malicious actor with access to an adjacent network to take control of this UniFi Access Point. ...
7 months ago

Ubiquiti users report having access to others' UniFi routers, cameras - Since yesterday, users of Ubiquiti networking devices, ranging from routers to security cameras, have reported seeing other people's devices and notifications through the company's UniFi cloud services. Ubiquiti is a popular networking device ...
1 year ago Bleepingcomputer.com

How to Scan a QR Code On iPhone - The iPhone offers multiple ways of scanning QR codes, but the quickest and easiest method is using its built-in camera app. Open your camera app and point at a QR code; a notification will appear in the lower-right corner of the screen. Follow the QR ...
1 year ago Hackercombat.com

CVE-2023-35085 - An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). ...
1 year ago

CVE-2023-38034 - A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). ...
1 year ago

How To Deploy HYAS Protect - HYAS Protect is an intelligent, cloud-based protective DNS solution that proactively detects and blocks communication with command and control infrastructure used in malware attacks. HYAS Protect also blocks communication with a host of other ...
1 year ago Securityboulevard.com

CVE-2024-27981 - A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.0.28 and earlier) allows a malicious actor with UniFi Network Application Administrator credentials to escalate ...
1 year ago Tenable.com

CVE-2019-11014 - The VStarCam vstc.vscam.client library and vstc.vscam shared object, as used in the Eye4 application (for Android, iOS, and Windows), do not prevent spoofing of the camera server. An attacker can create a fake camera server that listens for the ...
6 years ago

CVE-2017-8228 - Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. Amcrest cloud services does not perform a thorough verification when allowing the user to add a new camera to the user's account to ensure that the ...
6 years ago

UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks - The vulnerabilities, discovered during the 2025 Pwn2Own Toronto hacking competition and disclosed through Trend Micro’s Zero Day Initiative (ZDI), affect both camera firmware and the management application, with the most severe allowing ...
5 months ago Cybersecuritynews.com

CVE-2023-31997 - UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both (1) running UniFi OS 3.1 and (2) hosting the UniFi Network application. ...
2 years ago

CVE-2024-34786 - UniFi iOS app 10.15.0 introduces a misconfiguration on 2nd Generation UniFi Access Points configured as standalone (not using UniFi Network Application) that could cause the SSID name to change and/or the WiFi Password to be removed on the 5GHz ...
1 year ago

CVE-2020-8146 - In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsExport folder when the controller is running on ...
4 years ago

CVE-2024-37380 - A misconfiguration on UniFi U6+ Access Point could cause an incorrect VLAN traffic forwarding to APs meshed to UniFi U6+ Access Point. ...
8 months ago

CVE-2021-22944 - A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi ...
3 years ago

CVE-2024-45599 - Cursor is an artificial intelligence code editor. Prior to version 0.41.0, if a user on macOS has granted Cursor access to the camera or microphone, any program that is run on the machine is able to access the camera or the microphone without ...
10 months ago Tenable.com

CVE-2025-23116 - An Authentication Bypass vulnerability on UniFi Protect Application with Auto-Adopt Bridge Devices enabled could allow a malicious actor with access to UniFi Protect Cameras adjacent network to take control of UniFi Protect Cameras. ...
4 months ago

CVE-2020-8188 - We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according ...
5 years ago

UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks

Cyber News related to UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks

Latest Cyber News

Cyber Trends (last 7 days)

Trending Cyber News (last 7 days)