CVE-2023-28365

9.1 CRITICAL

📋 TL;DR

This vulnerability allows authenticated UniFi application administrators to execute arbitrary commands on the host system during backup restoration. It affects UniFi applications at version 7.3.83 and earlier running on Linux systems.

💻 Affected Systems

Products:
  • UniFi Network Application
  • UniFi Protect
  • UniFi Access
  • UniFi Talk
  • UniFi Connect
Versions: 7.3.83 and earlier
Operating Systems: Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Linux installations. Requires authenticated administrator access to the UniFi application.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with root-level command execution, allowing attackers to install persistent backdoors, exfiltrate data, or pivot to other network systems.

🟠 Likely Case

Privilege escalation from application administrator to host system root access, enabling lateral movement within the network.

🟢 If Mitigated

Limited to application compromise if proper network segmentation and least privilege controls are implemented.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated administrator access to the UniFi application interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 7.3.85 and later

Vendor Advisory: https://community.ui.com/releases/Security-Advisory-Bulletin-031-031/8c85fc64-e9a8-4082-9ec4-56b14effd545

Restart Required: Yes

Instructions:

1. Back up the current configuration.
2. Update the UniFi application to version 7.3.85 or later.
3. Restart the UniFi application service.
4. Verify the update was successful.

🔧 Temporary Workarounds

Restrict Backup File Sources

all

Only restore backup files from trusted sources and validate backup integrity before restoration.

Network Segmentation

all

Isolate UniFi application servers from critical infrastructure using firewall rules.

🧯 If You Can't Patch

  • Implement strict access controls to limit who can access the UniFi application administration interface.
  • Monitor for suspicious backup restoration activities and command execution attempts on the host system.

🔍 How to Verify

Check if Vulnerable:

Check the UniFi application version via the web interface or the command line. If the version is 7.3.83 or earlier on Linux, the system is vulnerable.

Check Version:

Run dpkg -l | grep unifi on the host, or check the version in the UniFi web interface under Settings > System.

Verify Fix Applied:

Confirm UniFi application version is 7.3.85 or later and test backup restoration functionality.
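A version check for the affected range, added here as an example and not part of the advisory. It assumes a Debian-style Linux install where the package is named unifi and dpkg-query is available, and it also accepts a version string as an argument so it can be run against a version read from Settings > System.

```shell
#!/bin/sh
# Added example, not from the advisory: flag UniFi versions in the affected
# range for CVE-2023-28365 (7.3.83 and earlier; first fixed release 7.3.85).
# Assumptions: Debian-style Linux install, package named "unifi", and a Debian
# version string such as "7.3.83-19645-1" (the part after "-" is ignored).
# Only numeric dotted components are handled.

FIXED_VERSION="7.3.85"

# Compare two dotted versions numerically; prints -1, 0 or 1.
vercmp() {
    a=${1%%-*}
    b=${2%%-*}
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ -z "$x" ] && x=0
        [ -z "$y" ] && y=0
        if [ "$x" -lt "$y" ]; then printf '%s\n' -1; return; fi
        if [ "$x" -gt "$y" ]; then printf '%s\n' 1; return; fi
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    printf '%s\n' 0
}

# Succeeds (exit 0) when the given version is older than the first fixed release.
unifi_is_vulnerable() {
    [ "$(vercmp "$1" "$FIXED_VERSION")" -lt 0 ]
}

# Read the installed package version; fails if the package is not installed.
installed_unifi_version() {
    dpkg-query -W -f '${Version}' unifi 2>/dev/null
}

# Use the version given on the command line, otherwise ask dpkg on this host.
version=${1:-}
if [ -z "$version" ] && ! version=$(installed_unifi_version); then
    echo "unifi package not found; pass the version from Settings > System as an argument"
elif [ -n "$version" ]; then
    if unifi_is_vulnerable "$version"; then
        echo "UniFi $version: in the affected range for CVE-2023-28365, upgrade to $FIXED_VERSION or later"
    else
        echo "UniFi $version: not in the affected range"
    fi
fi
```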

📡 Detection & Monitoring

Log Indicators:

  • Unusual backup restoration activities
  • Suspicious command execution in system logs following backup operations
  • Authentication logs showing unexpected administrator access

Network Indicators:

  • Unusual outbound connections from UniFi application server
  • Traffic patterns indicating data exfiltration

SIEM Query:

(source="unifi.log" AND ("backup restore" OR "command execution")) OR (source="syslog" AND process="unifi" AND ("exec" OR "system"))
