CVE-2025-27214 | THREATINT

Description

A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset. Affected Products: UniFi Connect EV Station Pro (Version 1.5.18 and earlier) Mitigation: Update UniFi Connect EV Station Pro to Version 1.5.27 or later

PUBLISHED Reserved 2025-02-20 | Published 2025-08-21 | Updated 2025-08-21 | Assigner hackerone

Product status

Default status

unaffected

1.5.27 before 1.5.27

affected

References

community.ui.com/...052/ac1251ee-5bb5-4cdf-8a71-68acd1775bb6

cve.org (CVE-2025-27214)

nvd.nist.gov (CVE-2025-27214)

Download JSON