CVE-2019-25652 in UniFi Network Controller
Summary
by MITRE • 03/28/2026
UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept SMTP traffic and obtain credentials by exploiting the insecure SSL host verification mechanism in the SMTP certificate validation process.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 03/28/2026
The vulnerability identified as CVE-2019-25652 affects the UniFi Network Controller software, specifically versions prior to 5.10.22 and 5.11.x before 5.11.18. This represents a critical security flaw in the controller's SSL certificate validation mechanism that undermines the integrity of SMTP communications within the network infrastructure. The vulnerability exists in the way the system handles certificate verification during secure email transmission processes, creating a significant attack surface for malicious actors positioned within the same network segment.
The technical flaw manifests in the improper implementation of SSL host verification during SMTP connections, where the UniFi Network Controller fails to properly validate the authenticity of SSL certificates presented by remote servers. This weakness allows attackers to exploit the insecure certificate validation process by presenting fraudulent SSL certificates that appear legitimate to the controller. The vulnerability specifically impacts the SMTP certificate validation process, where the system accepts certificates without sufficient verification of their authenticity and chain of trust. This issue falls under the CWE-295 category of "Improper Certificate Validation" which directly relates to the failure to properly validate SSL/TLS certificates and their associated cryptographic properties.
The operational impact of this vulnerability is severe and multifaceted, as it enables adjacent network attackers to conduct sophisticated man-in-the-middle attacks against SMTP communications. When attackers successfully exploit this vulnerability, they can intercept and manipulate email traffic flowing through the UniFi Network Controller, potentially gaining access to sensitive authentication credentials, confidential business communications, and other valuable data transmitted via SMTP protocols. The attack vector requires only adjacent network access, making it particularly dangerous in shared network environments where physical proximity or network segmentation is insufficient to prevent such attacks. This vulnerability directly maps to ATT&CK technique T1046 which involves the use of network service scanning to identify accessible services, and T1566 which covers social engineering through spearphishing with a malicious attachment or link.
The security implications extend beyond simple credential theft, as compromised SMTP communications can lead to broader network infiltration and data exfiltration activities. Attackers can leverage the intercepted credentials to gain unauthorized access to email accounts, potentially using them to send malicious emails, conduct further reconnaissance, or establish persistence within the network. The vulnerability's impact is particularly concerning for organizations relying on UniFi controllers for network management, as the compromised controller could serve as a pivot point for attacking other network components. Organizations implementing the affected versions of UniFi Network Controller face significant risk of unauthorized access to sensitive communications and potential data breaches that could result in regulatory compliance violations and financial losses. The vulnerability demonstrates the critical importance of proper certificate validation mechanisms in network security infrastructure, as failures in this area can undermine the entire security posture of network management systems.
Organizations should immediately implement mitigation strategies including upgrading to the patched versions of UniFi Network Controller 5.10.22 or 5.11.18, respectively, and implementing additional network segmentation measures to limit adjacent network access to critical infrastructure components. Network administrators should also consider implementing additional monitoring and detection capabilities to identify potential exploitation attempts and establish more robust certificate validation policies for all network services handling sensitive communications. The vulnerability underscores the necessity of maintaining current security patches and implementing defense-in-depth strategies that reduce the attack surface and provide multiple layers of protection against sophisticated network-based attacks.