CVE-2023-41721 (unifi_network_application)

Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176. and earlier, implement device adoption with improper access control logic, creating a risk of access to device configuration information by a malicious actor with preexisting access to the network.

Affected Products:
UDM
UDM-PRO
UDM-SE
UDR
UDW

Mitigation:
Update UniFi Network to Version 7.5.187 or later.

access access control actor adoption application configuration console control cve device gateway information logic malicious mitigation network pro products risk run unifi update