Back to CVE List

CVE-2026-54402

CRITICAL SEVERITY

CVSS Score & Metrics

Base Score
9.9 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Vulnerability Description

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-20
Source
NVD
Vendor
Ubiquiti Inc
Product
UniFi OS Server, Dream Machines, Enterprise Fortress Gateway, Dream Wall, Dream Routers, Express 7, Cloud Keys, Network Video Recorders, Enterprise Video Recorders, Cloud Gateways, Network Attached Storage, Enterprise Firewall Core

External References

Discussion (0)

Add Comment

No comments yet. Be the first!