CVE-2025-27217
Ubiquiti · UISP Application
The UISP Application contains a Server-Side Request Forgery (SSRF) vulnerability that allows authenticated users to make unauthorized requests outside the application's intended scope.
Executive summary
An SSRF vulnerability in the Ubiquiti UISP Application allows malicious actors with specific permissions to perform unauthorized requests, potentially exposing internal network resources.
Vulnerability
This is a Server-Side Request Forgery (SSRF) vulnerability where an authenticated attacker with specific permissions can force the application to make requests to unintended internal or external destinations.
Business impact
This vulnerability could be leveraged to bypass network segmentation, probe internal services, or interact with sensitive APIs that are not exposed to the public internet. With a CVSS score of 9.1, the vulnerability is rated critical because it facilitates unauthorized access to internal resources, potentially leading to data theft or further network compromise.
Remediation
Immediate Action: Update the UISP Application to the latest version provided by Ubiquiti to address the SSRF flaw.
Proactive Monitoring: Audit application logs for unusual outbound requests from the UISP server to internal subnets or unauthorized external endpoints.
Compensating Controls: Implement strict egress filtering on the server hosting the UISP application to prevent it from initiating connections to sensitive internal network segments.
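A defender-side check for the monitoring step above, added here as an example (not Ubiquiti's or the UISP application's own code): it parses a constructed outbound-connection log and flags requests from the UISP host whose destination is a private, loopback or link-local address. The log line format, the sample lines and the function names are assumptions.

```python
# Added example (not Ubiquiti code): flag outbound requests from the UISP host
# that target internal address space. Assumes a constructed log line format:
#   <timestamp> src=<ip> dst=<ip> url=<url>
import ipaddress
import re
from urllib.parse import urlparse

# Ranges the application server should never be driven to reach via SSRF:
# RFC 1918, loopback, link-local (incl. cloud metadata), IPv6 equivalents.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10",
)]

# Constructed sample of outbound-connection log lines from the UISP host.
SAMPLE_LOG = """\
2025-03-01T10:00:01Z src=203.0.113.10 dst=198.51.100.7 url=https://update.example.net/manifest
2025-03-01T10:00:05Z src=203.0.113.10 dst=10.0.0.5 url=http://10.0.0.5:8080/admin
2025-03-01T10:00:09Z src=203.0.113.10 dst=169.254.169.254 url=http://169.254.169.254/latest/meta-data/
2025-03-01T10:00:12Z src=203.0.113.10 dst=127.0.0.1 url=http://localhost:9200/_cat/indices
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) url=(?P<url>\S+)$")

def is_internal(host: str) -> bool:
    """True if host is 'localhost' or an IP literal inside an internal range."""
    if host.lower() == "localhost":
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # other hostnames need a DNS-aware check, out of scope here
    return any(ip in net for net in INTERNAL_NETS)

def flag_internal_requests(log_text: str) -> list:
    """Return parsed entries whose destination IP or URL host is internal."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not match the assumed format
        entry = m.groupdict()
        url_host = urlparse(entry["url"]).hostname or ""
        if is_internal(entry["dst"]) or is_internal(url_host):
            hits.append(entry)
    return hits

if __name__ == "__main__":
    for hit in flag_internal_requests(SAMPLE_LOG):
        print(f"{hit['ts']} reached internal host {hit['dst']} via {hit['url']}")
```

Feed the real UISP host's proxy or firewall connection log through the same check after adapting the regular expression to its format; every hit is a candidate SSRF request worth correlating with the authenticated user session that triggered it.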
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
The ability of an authenticated user to perform SSRF attacks significantly expands the attack surface of the internal network. Administrators should apply the latest security updates provided by the vendor to remediate this vulnerability and limit the potential for lateral movement.