CVE-2025-24285

Summary

Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor with network access to the UniFi Connect EV Station Lite.

Affected Products: UniFi Connect EV Station Lite (Version 1.5.1 and earlier)

Mitigation: Update UniFi Connect EV Station Lite to Version 1.5.2 or later

Affected Software

VendorProductVersion RangeStatus
Ubiquiti IncUniFi Connect EV Station Lite1.5.2 < 1.5.2affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References