An Improper Access Control could allow a malicious actor...

An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect Display Cast devices to make unsupported changes to the system.

Affected Products:

UniFi Connect Display Cast (Version 1.10.3 and earlier)
UniFi Connect Display Cast Pro (Version 1.0.89 and earlier)
UniFi Connect Display Cast Lite (Version 1.0.3 and earlier)

Mitigation:

Update UniFi Connect Display Cast to Version 1.10.7 or later
Update UniFi Connect Display Cast Pro to Version 1.0.94 or later
Update UniFi Connect Display Cast Lite to Version 1.1.8 or later

References

Published by the National Vulnerability Database Aug 21, 2025

Published to the GitHub Advisory Database Aug 21, 2025

Last updated Aug 21, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Package

Affected versions

Patched versions

Description

References

Severity

CVSS overall score

CVSS v3 base metrics

CVSS v3 base metrics

EPSS score

Exploit Prediction Scoring System (EPSS)

Weaknesses

Improper Access Control

CVE ID

GHSA ID

Source code

Uh oh!