CVE-2023-35085

CVSS V2 None CVSS V3 None

Description

An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.50 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update the UniFi Switches to Version 6.5.59 or later.

Overview

CVE ID
CVE-2023-35085

Assigner
support@hackerone.com

Vulnerability Status
Analyzed

Published Version
2023-08-10T19:15:09

Last Modified Date
2023-08-17T14:42:14

Weakness Enumerations

CWE	URL
CWE-190	http://cwe.mitre.org/data/definitions/190.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version End
		AND
cpe:2.3:o:ui:unifi_uap_firmware::::::::	1	OR	6.5.50
cpe:2.3:h:ui:u6\+:-:::::::*	0	OR
cpe:2.3:h:ui:u6-enterprise:-:::::::*	0	OR
cpe:2.3:h:ui:u6-enterprise-iw:-:::::::*	0	OR
cpe:2.3:h:ui:u6-extender:-:::::::*	0	OR
cpe:2.3:h:ui:u6-iw:-:::::::*	0	OR
cpe:2.3:h:ui:u6-lite:-:::::::*	0	OR
cpe:2.3:h:ui:u6-lr:-:::::::*	0	OR
cpe:2.3:h:ui:u6-mesh:-:::::::*	0	OR
cpe:2.3:h:ui:u6-pro:-:::::::*	0	OR
cpe:2.3:h:ui:uap-ac-iw:-:::::::*	0	OR
cpe:2.3:h:ui:uap-ac-lite:-:::::::*	0	OR
cpe:2.3:h:ui:uap-ac-lr:-:::::::*	0	OR
cpe:2.3:h:ui:uap-ac-m:-:::::::*	0	OR
cpe:2.3:h:ui:uap-ac-m-pro:-:::::::*	0	OR
cpe:2.3:h:ui:uap-ac-pro:-:::::::*	0	OR
cpe:2.3:h:ui:ubb:-:::::::*	0	OR
cpe:2.3:h:ui:ubb-xg:-:::::::*	0	OR
cpe:2.3:h:ui:uwb-xg:-:::::::*	0	OR
		AND
cpe:2.3:o:ui:unifi_switch_firmware::::::::	1	OR	6.5.32
cpe:2.3:h:ui:us-16-150w:-:::::::*	0	OR
cpe:2.3:h:ui:us-24-250w:-:::::::*	0	OR
cpe:2.3:h:ui:us-48-500w:-:::::::*	0	OR
cpe:2.3:h:ui:us-8-150w:-:::::::*	0	OR
cpe:2.3:h:ui:us-8-60w:-:::::::*	0	OR
cpe:2.3:h:ui:us-xg-6poe:-:::::::*	0	OR
cpe:2.3:h:ui:usw-16-poe:-:::::::*	0	OR
cpe:2.3:h:ui:usw-24:-:::::::*	0	OR
cpe:2.3:h:ui:usw-24-poe:-:::::::*	0	OR
cpe:2.3:h:ui:usw-48:-:::::::*	0	OR
cpe:2.3:h:ui:usw-48-poe:-:::::::*	0	OR
cpe:2.3:h:ui:usw-aggregation:-:::::::*	0	OR
cpe:2.3:h:ui:usw-enterprise-24-poe:-:::::::*	0	OR
cpe:2.3:h:ui:usw-enterprise-48-poe:-:::::::*	0	OR
cpe:2.3:h:ui:usw-enterprise-8-poe:-:::::::*	0	OR
cpe:2.3:h:ui:usw-enterprisexg-24:-:::::::*	0	OR
cpe:2.3:h:ui:usw-flex:-:::::::*	0	OR
cpe:2.3:h:ui:usw-flex-xg:-:::::::*	0	OR
cpe:2.3:h:ui:usw-industrial:-:::::::*	0	OR
cpe:2.3:h:ui:usw-lite-16-poe:-:::::::*	0	OR
cpe:2.3:h:ui:usw-lite-8-poe:-:::::::*	0	OR
cpe:2.3:h:ui:usw-mission-critical:-:::::::*	0	OR
cpe:2.3:h:ui:usw-pro-24:-:::::::*	0	OR
cpe:2.3:h:ui:usw-pro-24-poe:-:::::::*	0	OR
cpe:2.3:h:ui:usw-pro-48:-:::::::*	0	OR
cpe:2.3:h:ui:usw-pro-48-poe:-:::::::*	0	OR
cpe:2.3:h:ui:usw-pro-aggregation:-:::::::*	0	OR

References

Reference URL	Reference Tags
https://community.ui.com/releases/Security-Advisory-Bulletin-035-035/91107858-9884-44df-b1c6-63c6499f6e56	Issue Tracking Vendor Advisory

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-35085
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35085

History

Created	Old Value	New Value	Data Type	Notes
2023-09-06 03:31:14				Added to TrackCVE
2023-09-06 03:31:16			Weakness Enumeration	new