CVE-2023-38034

A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow Remote Code Execution (RCE).

Affected Products:

  • All UniFi Access Points (Version 6.5.53 and earlier)
  • All UniFi Switches (Version 6.5.32 and earlier), USW Flex Mini excluded

Mitigation:

  • Update UniFi Access Points to Version 6.5.62 or later.
  • Update UniFi Switches to Version 6.5.59 or later.

Configurations

Configuration 1

AND
cpe:2.3:o:ui:unifi_uap_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:ui:u6\+:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-enterprise:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-enterprise-iw:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-extender:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-iw:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-lite:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-lr:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-mesh:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-pro:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-iw:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-lite:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-lr:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-m:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-m-pro:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-pro:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:ubb:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:ubb-xg:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uwb-xg:-:*:*:*:*:*:*:*

Configuration 2

AND
cpe:2.3:o:ui:unifi_switch_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:ui:us-16-150w:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:us-24-250w:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:us-48-500w:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:us-8-150w:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:us-8-60w:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:us-xg-6poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-16-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-24:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-24-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-48:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-48-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-aggregation:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-enterprise-24-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-enterprise-48-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-enterprise-8-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-enterprisexg-24:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-flex:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-flex-xg:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-industrial:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-lite-16-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-lite-8-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-mission-critical:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-pro-24:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-pro-24-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-pro-48:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-pro-48-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-pro-aggregation:-:*:*:*:*:*:*:*

History

17 Aug 2023, 14:42

Type Values Removed Values Added
CWE: added CWE-77
CVSS: removed v2 : unknown, v3 : unknown; added v2 : unknown, v3 : 9.8
First Time Ui usw-enterprisexg-24
Ui u6\+
Ui u6-extender
Ui usw-enterprise-24-poe
Ui
Ui us-16-150w
Ui usw-pro-24
Ui u6-iw
Ui usw-pro-aggregation
Ui u6-pro
Ui usw-flex-xg
Ui usw-pro-48
Ui usw-lite-8-poe
Ui usw-industrial
Ui usw-aggregation
Ui u6-lr
Ui usw-24
Ui us-8-150w
Ui usw-16-poe
Ui uap-ac-m-pro
Ui uwb-xg
Ui u6-enterprise-iw
Ui uap-ac-lite
Ui usw-flex
Ui usw-pro-24-poe
Ui unifi Uap Firmware
Ui us-24-250w
Ui ubb
Ui usw-mission-critical
Ui usw-enterprise-8-poe
Ui us-48-500w
Ui ubb-xg
Ui uap-ac-lr
Ui u6-mesh
Ui uap-ac-iw
Ui usw-48
Ui usw-48-poe
Ui us-8-60w
Ui unifi Switch Firmware
Ui usw-24-poe
Ui usw-enterprise-48-poe
Ui u6-lite
Ui usw-pro-48-poe
Ui uap-ac-pro
Ui u6-enterprise
Ui usw-lite-16-poe
Ui us-xg-6poe
Ui uap-ac-m
CPE cpe:2.3:h:ui:u6-extender:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-iw:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-lite:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-enterprise-24-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-iw:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-mission-critical:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-lr:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-enterprise-48-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-pro-aggregation:-:*:*:*:*:*:*:*
cpe:2.3:o:ui:unifi_switch_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-16-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-24-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uwb-xg:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-industrial:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-48-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-m:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6\+:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-lr:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-pro:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-enterprisexg-24:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-pro-24-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:us-48-500w:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-flex:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-lite-8-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-pro-48-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:us-24-250w:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-24:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:uap-ac-m-pro:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-lite-16-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:us-xg-6poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-pro-48:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-pro:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-48:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:ubb-xg:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-enterprise:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-mesh:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:us-8-60w:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-flex-xg:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-aggregation:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-pro-24:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-lite:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:us-8-150w:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:ubb:-:*:*:*:*:*:*:*
cpe:2.3:o:ui:unifi_uap_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ui:us-16-150w:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:usw-enterprise-8-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:ui:u6-enterprise-iw:-:*:*:*:*:*:*:*
References: removed (MISC) https://community.ui.com/releases/Security-Advisory-Bulletin-035-035/91107858-9884-44df-b1c6-63c6499f6e56; added (MISC) https://community.ui.com/releases/Security-Advisory-Bulletin-035-035/91107858-9884-44df-b1c6-63c6499f6e56 - Issue Tracking, Vendor Advisory

10 Aug 2023, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-10 19:15

Updated : 2023-12-10 15:14


NVD link : CVE-2023-38034

Mitre link : CVE-2023-38034

CVE.ORG link : CVE-2023-38034



Products Affected

ui

  • u6-lite
  • us-xg-6poe
  • u6-extender
  • us-48-500w
  • usw-pro-48
  • usw-industrial
  • usw-lite-8-poe
  • usw-24-poe
  • usw-flex-xg
  • unifi_uap_firmware
  • u6-enterprise
  • us-8-60w
  • usw-aggregation
  • usw-enterprise-8-poe
  • us-24-250w
  • usw-lite-16-poe
  • us-16-150w
  • usw-flex
  • uap-ac-m-pro
  • u6-lr
  • uap-ac-m
  • u6-enterprise-iw
  • usw-16-poe
  • uap-ac-lr
  • uwb-xg
  • uap-ac-iw
  • unifi_switch_firmware
  • usw-pro-24
  • usw-48-poe
  • ubb-xg
  • usw-enterprise-48-poe
  • u6-iw
  • usw-48
  • ubb
  • usw-pro-48-poe
  • usw-24
  • uap-ac-lite
  • us-8-150w
  • u6-mesh
  • usw-enterprise-24-poe
  • usw-enterprisexg-24
  • uap-ac-pro
  • usw-mission-critical
  • u6\+
  • usw-pro-aggregation
  • u6-pro
  • usw-pro-24-poe
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')