漏洞描述
有权访问管理网络的恶意行为者可能会利用 UniFi 门禁应用程序 UniFi Access 中的错误配置,该错误配置暴露了未经适当身份验证的管理 API
UniFi 认证缺失导致命令执行 CVE-2025-52665
PoC代码
暂无相关漏洞推荐
- POC CVE-2024-0799: Arcserve Unified Data Protection - Authentication Bypass
- POC CVE-2024-0801: Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll
- POC CVE-2025-52665: UniFi Access - Broken Access Control
- POC unifi-create-user: UniFi - Unauthenticated Creation Access For Users
- POC unifi-nfc-credentials: UniFi - NFC Credentials
- (CVE-2025-52665) UniFi门禁应用程序配置错误漏洞
- Securden Unified PAM 认证绕过漏洞(CVE-2025-53118)
- POC CVE-2013-5528: Cisco Unified Communications Manager 7/8/9 - Directory Traversal
- POC CVE-2018-17431: Comodo Unified Threat Management Web Console - Remote Code Execution
- POC CVE-2020-16139: Cisco Unified IP Conference Station 7937G - Denial-of-Service
- POC CVE-2025-53118: Securden Unified PAM - Authentication Bypass
- POC unifi-network-log4j-rce: UniFi Network Log4j JNDI RCE
- POC CNVD-2021-14536: Ruijie RG-UAC Unified Internet Behavior Management Audit System - Information Disclosure