ByteOS Network

NVD Vulnerability Details :

CVE-2024-22054

Deferred

Source-support@hackerone.com

Published At-20 Feb, 2024 | 18:15

Updated At-15 Apr, 2026 | 00:35

A malformed discovery packet sent by a malicious actor with preexisting access to the network could interrupt the functionality of device management and discovery. Affected Products: UniFi Access Points UniFi Switches UniFi LTE Backup UniFi Express (Only Mesh Mode, Router mode is not affected) Mitigation: Update UniFi Access Points to Version 6.6.55 or later. Update UniFi Switches to Version 6.6.61 or later. Update UniFi LTE Backup to Version 6.6.57 or later. Update UniFi Express to Version 3.2.5 or later.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Type: Secondary

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weaknesses

CWE ID	Type	Source
CWE-20	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-20

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://community.ui.com/releases/Security-Advisory-Bulletin-037-037/9aeeccef-ca4a-4f10-9f66-1eb400b3d027	support@hackerone.com	N/A
https://community.ui.com/releases/Security-Advisory-Bulletin-037-037/9aeeccef-ca4a-4f10-9f66-1eb400b3d027	af854a3a-2127-422b-91ae-364da2661108	N/A

Hyperlink: https://community.ui.com/releases/Security-Advisory-Bulletin-037-037/9aeeccef-ca4a-4f10-9f66-1eb400b3d027

Source: support@hackerone.com

Resource: N/A

Hyperlink: https://community.ui.com/releases/Security-Advisory-Bulletin-037-037/9aeeccef-ca4a-4f10-9f66-1eb400b3d027

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History