{“lastseen”:””,”description”:”An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a malicious actor with access to UniFi Access management network.\\r\\n\\r\\n \\r\\n\\r\\nAffected Products:\\r\\nUniFi Access Reader Pro (Version 2.14.21 and earlier)\\r\\nUniFi Access G2 Reader Pro (Version 1.10.32 and earlier)\\r\\nUniFi Access G3 Reader Pro (Version 1.10.30 and earlier)\\r\\nUniFi Access Intercom (Version 1.7.28 and earlier)\\r\\nUniFi Access G3 Intercom (Version 1.7.29 and earlier)\\r\\nUniFi Access Intercom Viewer (Version 1.3.20 and earlier)\\r\\n\\r\\n \\r\\n\\r\\nMitigation:\\r\\nUpdate UniFi Access Reader Pro Version 2.15.9 or later\\r\\nUpdate UniFi Access G2 Reader Pro Version 1.11.23 or later\\r\\nUpdate UniFi Access G3 Reader Pro Version 1.11.22 or later\\r\\nUpdate UniFi Access Intercom Version 1.8.22 or later\\r\\nUpdate UniFi Access G3 Intercom Version 1.8.22 or later\\r\\nUpdate UniFi Access Intercom Viewer Version 1.4.39 or later”,”published”:”2025-08-04T22:12:18.820Z”,”modified”:”2025-08-05T13:33:09.184Z”,”type”:”cve”,”title”:”CVE-2025-27212″,”source”:”hackerone”,”references”:”https:\/\/community.ui.com\/releases\/Security-Advisory-Bulletin-051-051\/583fa6e1-3d85-42ec-a453-651d1653c9b3″,”id”:”CVE-2025-27212″,”bulletinFamily”:””,”cwe”:[“CWE-20″,”CWE-77″],”cvelist”:null,”sourceData”:”Ubiquiti Inc UniFi Access Reader Pro 2.15.9\\nUbiquiti Inc UniFi Access G2 Reader Pro 1.11.23\\nUbiquiti Inc UniFi Access G3 Reader Pro 1.11.22\\nUbiquiti Inc UniFi Access Intercom 1.8.22\\nUbiquiti Inc UniFi Access G3 Intercom 1.8.22\\nUbiquiti Inc UniFi Access Intercom Viewer 1.4.39″,”sourceHref”:””,”cvss”:{“score”:9.8,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”UniFi Access Reader Pro”,”version”:”2.15.9″,”vendor”:”Ubiquiti Inc”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a malicious actor with access to UniFi Access management network.\\r\\n\\r\\n…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[9,6,8,35,12,13,7,11,5],"class_list":["post-11321","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n