Back to CVE List

CVE-2026-55110

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.5 / 10
Vector String
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Description

A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing (CORS) misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-942
Source
NVD
Vendor
Ubiquiti Inc
Product
UniFi OS Server, Dream Machines, Enterprise Fortress Gateway, Dream Wall, Dream Routers, Express 7, Cloud Keys, Network Video Recorders, Enterprise Video Recorders, Cloud Gateways, Network Attached Storage, Enterprise Firewall Core

External References

Discussion (0)

Add Comment

No comments yet. Be the first!