CVE-2026-55110
HIGH SEVERITYCVSS Score & Metrics
Base Score
7.5 / 10
Vector String
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Description
A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing (CORS) misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-942
Source
NVD
Vendor
Ubiquiti Inc
Product
UniFi OS Server, Dream Machines, Enterprise Fortress Gateway, Dream Wall, Dream Routers, Express 7, Cloud Keys, Network Video Recorders, Enterprise Video Recorders, Cloud Gateways, Network Attached Storage, Enterprise Firewall Core
Discussion (0)
Add Comment
No comments yet. Be the first!