- Description
- An Improper Certificate Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system.
- Source
- support@hackerone.com
- NVD status
- Awaiting Analysis
CVSS 3.0
- Type
- Secondary
- Base score
- 6.4
- Impact score
- 5.9
- Exploitability score
- 0.5
- Vector string
- CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-295
- Hype score
- Not currently trending
[ZDI-25-376|CVE-2025-23118] (Pwn2Own) Ubiquiti Networks AI Bullet Improper Certificate Validation Authentication Bypass Vulnerability (CVSS 7.5; Credit: @kiddo_pwn, @d0now, @insp3ct0r_x, @D0b6y, @leeju_04, @ju_cheda, @nang__lam, @slyfizz3 of STEALIEN Inc.) https://t.co/obS8oZNydl
@TheZDIBugs
18 Jun 2025
1035 Impressions
4 Retweets
11 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-23118 🟠 MEDIUM (6.4) 🏢 Ubiquiti Inc - UniFi Protect Cameras 🏗️ 4.74.106 🔗 https://t.co/6DU0pR9EUd #CyberCron #VulnAlert #InfoSec https://t.co/v31lXWmrhI
@cybercronai
2 Mar 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes