CVE-2023-35085

CRITICAL

UniFi Access Points and Switches < 6.5.50 and < 6.5.32 - Remote Code Execution via Integer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-35085. PoCs published by maoruiQa.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2023-35085, targeting an unspecified software with multiple reverse shell payloads. The exploit attempts command injection via various API endpoints and includes payload encoding to bypass filters.

Description

An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.50 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update the UniFi Switches to Version 6.5.59 or later.

Exploits (1)

nomisec WORKING POC 1 stars
by maoruiQa · poc
https://github.com/maoruiQa/CVE-2023-35085-POC-EXP

This repository contains a functional exploit for CVE-2023-35085, targeting an unspecified software with multiple reverse shell payloads. The exploit attempts command injection via various API endpoints and includes payload encoding to bypass filters.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Unknown (CVE-2023-35085)
No auth needed
Prerequisites: Network access to target · Listener set up on attacker machine
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 9.8
EPSS 0.0074
EPSS Percentile 49.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-190
Status published
Products (2)
ui/unifi_switch_firmware < 6.5.32
ui/unifi_uap_firmware < 6.5.50
Published Aug 10, 2023
Tracked Since Feb 18, 2026