{
  "id": "CVE-2024-27981",
  "sourceIdentifier": "support@hackerone.com",
  "published": "2024-04-04T23:15:15.837",
  "lastModified": "2024-04-05T12:40:52.763",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.0.28 and earlier) allows a malicious actor with UniFi Network Application Administrator credentials to escalate privileges to root on the host device.\r\n\r\nAffected Products:\r\nUniFi Network Application (Version 8.0.28 and earlier) .\r\n \r\nMitigation:\r\nUpdate UniFi Network Application to Version 8.1.113 or later."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de inyecci\u00f3n de comandos encontrada en servidores de red UniFi autohospedados (Linux) con la aplicaci\u00f3n de red UniFi (versi\u00f3n 8.0.28 y anteriores) permite a un actor malicioso con credenciales de administrador de la aplicaci\u00f3n de red UniFi escalar privilegios a root en el dispositivo host. Productos afectados: Aplicaci\u00f3n de red UniFi (Versi\u00f3n 8.0.28 y anteriores). Mitigaci\u00f3n: actualice la aplicaci\u00f3n UniFi Network a la versi\u00f3n 8.1.113 o posterior."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-038-038/9d13fead-47de-4372-b2c1-745b8d6b0399",
      "source": "support@hackerone.com"
    }
  ]
}