CyberSec.Space Logo
Back to CVE Browser

CVE-2021-44530

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0900%
EPSS Percentile17.97th
PublishedJan 14, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application.

Affected Platforms (CPE)

📦
Ui

Unifi Network Controller

<= 6.5.53

References & Advisories

🔗 https://community.ui.com/releases/Security-Advisory-Bulletin-023-023/808a1db0-5f8e-4b91-9097-9822f3f90207
🔗 https://community.ui.com/releases/Security-Advisory-Bulletin-023-023/808a1db0-5f8e-4b91-9097-9822f3f90207

Related Vulnerabilities

CVE-2011-165310.0

Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow r...

CVE-2010-298410.0

Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAU...

CVE-2010-297610.0

The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of...

CVE-2025-345239.8

A heap-based buffer overflow vulnerability exists in the network-facing input handling routines of Arcserve Unified Data Protectio...