An Improper Neutralization of Escape Sequences vulnerability could allow an Authentication Bypass with a Remote Code Execution (RCE) by a malicious actor with access to UniFi Protect Cameras adjacent network.
CVE ID: CVE-2025-23119
CVSS Base Severity: HIGH
CVSS Base Score: 7.5
CVSS Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vendor: Ubiquiti Inc
Product: UniFi Protect Cameras
EPSS Score: 0.06% (probability of being exploited)
EPSS Percentile: 10.56% (scored less or equal to compared to others)
EPSS Date: 2025-03-29 (when was this score calculated)