CVE-2024-34786 Information

Description

UniFi iOS app 10.15.0 introduces a misconfiguration on 2nd Generation UniFi Access Points configured as standalone (not using UniFi Network Application) that could cause the SSID name to change and/or the WiFi Password to be removed on the 5GHz Radio.

This vulnerability is fixed in UniFi iOS app 10.15.2 and later.

Reference

https://community.ui.com/releases/Security-Advisory-Bulletin-040-040/b4b508c0-8453-405b-8660-1f55ade669c0