CVE-2019-25652
Received - Intake
Improper SSL Verification in UniFi SMTP Enables MITM Attacks

Publication date: 2026-03-27

Last updated on: 2026-03-27

Assigner: VulnCheck

Description
UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept SMTP traffic and obtain credentials by exploiting the insecure SSL host verification mechanism in the SMTP certificate validation process.
Meta Information
Published: 2026-03-27
Last Modified: 2026-03-27
Generated: 2026-05-07
AI Q&A: 2026-03-28
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor: ubiquiti
Product: unifi_network_controller
Version / Range: to 5.11.18 (exc)
CWE-295: The product does not validate, or incorrectly validates, a certificate.
AI Powered Q&A
How can this vulnerability impact me?

The vulnerability can have serious impacts including unauthorized interception of SMTP traffic.

Attackers can steal credentials sent over SMTP, potentially gaining unauthorized access to accounts or systems.

This can lead to further compromise of network resources, data breaches, and loss of confidentiality, integrity, and availability of information.


Can you explain this vulnerability to me?

This vulnerability exists in UniFi Network Controller versions before 5.10.22 and 5.11.x before 5.11.18. It is caused by improper certificate verification during SMTP connections. Specifically, the software does not correctly verify SSL certificates, allowing an attacker on an adjacent network to present a false SSL certificate.

By exploiting this flaw, an attacker can perform a man-in-the-middle (MITM) attack, intercepting SMTP traffic between the client and server.

This interception can lead to the attacker obtaining sensitive credentials transmitted over SMTP due to the insecure SSL host verification mechanism.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves improper certificate verification during SMTP connections in UniFi Network Controller versions before 5.10.22 and 5.11.x before 5.11.18. Detection would involve monitoring SMTP traffic for man-in-the-middle attacks where false SSL certificates are presented.

Since no specific detection commands or tools are provided in the available information, general approaches include capturing SMTP traffic using network analysis tools like Wireshark or tcpdump to inspect SSL certificates presented during SMTP sessions for anomalies.

  • Use tcpdump to capture SMTP traffic: tcpdump -i <interface> port 25 or port 587
  • Analyze captured traffic with Wireshark to verify the SSL certificates used in SMTP connections.
  • Check UniFi Network Controller logs for any SSL certificate validation errors or warnings.

What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, the immediate step is to upgrade the UniFi Network Controller to version 5.10.22 or later, or 5.11.18 or later, where the improper certificate verification issue has been fixed.

Until the upgrade can be applied, consider restricting SMTP traffic to trusted networks only to reduce the risk of man-in-the-middle attacks by adjacent network attackers.

Additionally, monitor network traffic for suspicious SSL certificate activity during SMTP connections.
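
Because the fix landed in two release lines (5.10.22 and 5.11.18), a single "older than 5.11.18" comparison would wrongly flag patched 5.10.x controllers. The following added example (not from the advisory or from Ubiquiti) triages a controller inventory against both ranges; the host names and version strings are constructed, and the x.y.z version format with an optional suffix is an assumption.

```python
import re

# Fixed releases named in the advisory text on this page.
FIXED_5_10 = (5, 10, 22)
FIXED_5_11 = (5, 11, 18)


def parse_version(text):
    """Return (major, minor, patch) from strings such as '5.11.17' or
    '5.10.21-11661-1' (assumed format); raise ValueError otherwise."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(part) for part in m.groups())


def classify(version_text):
    """Return (status, minimum_fixed_release) for one controller version."""
    v = parse_version(version_text)
    if v < FIXED_5_10:
        return ("affected", "5.10.22")
    if v < (5, 11, 0):
        return ("fixed", None)  # 5.10.22 and later builds of the 5.10 line
    if v < FIXED_5_11:
        return ("affected", "5.11.18")
    return ("fixed", None)


def triage(inventory):
    """Map host -> (status, fix); unparseable versions go to manual review."""
    report = {}
    for host, version_text in inventory.items():
        try:
            report[host] = classify(version_text)
        except ValueError:
            report[host] = ("unknown", None)
    return report


# Constructed inventory: host names and version strings are made up.
SAMPLE_INVENTORY = {
    "ctrl-hq": "5.10.21-11661-1",
    "ctrl-branch": "5.10.25",
    "ctrl-dc": "5.11.17",
    "ctrl-new": "5.11.18",
    "ctrl-lab": "unknown-build",
}

if __name__ == "__main__":
    for host, (status, fix) in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status:9} {'upgrade to >= ' + fix if fix else ''}")
```

Hosts reported as "unknown" should be checked by hand rather than assumed patched.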

