CNNVD-202506-3696 Information

CNNVD ID

CNNVD-202506-3696

Related CVE

CVE-2025-24290

• CNNVD Published: 2025-06-29

Description (Chinese)

Ubiquiti UISP Application是美国优比快（Ubiquiti）公司的一个用于管理和配置其网络设备的应用程序。 Ubiquiti UISP Application 2.4.206及之前版本存在安全漏洞，该漏洞源于存在多个经过身份验证的SQL注入漏洞，可能导致权限提升。

Description (English)

Ubiquiti UISP Application is an application of Ubiquiti to manage and configure its network equipment. The Ubiquiti UISP Application 2.4.206 and previous versions had a security loophole, which stemmed from multiple identified SQL injections, which could lead to increased access.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

优比快

Published

2025-06-29

Last Modified

2026-02-24

References

https://community.ui.com/releases/Security-Advisory-Bulletin-048-048/af007d99-bb6d-4368-a12f-75e84de19e8d https://access.redhat.com/security/cve/cve-2025-24290

Patch

https://community.ui.com/releases/Security-Advisory-Bulletin-048-048/af007d99-bb6d-4368-a12f-75e84de19e8d