Search
Find a vulnerability
Search criteria
18 vulnerabilities found for UDM-Pro-Max by Ubiquiti Inc
CVE-2026-48610 (GCVE-0-2026-48610)
Vulnerability from nvd – Published: 2026-06-12 02:27 – Updated: 2026-06-12 11:48
VLAI
Summary
Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control - Generic
Assigner
References
1 reference
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.15
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T11:47:40.968047Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T11:48:09.018Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T02:27:43.468Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-065-065/aa46a22b-fc43-4eae-9382-6fc8feda967a"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-48610",
"datePublished": "2026-06-12T02:27:43.468Z",
"dateReserved": "2026-05-22T15:00:09.276Z",
"dateUpdated": "2026-06-12T11:48:09.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47370 (GCVE-0-2026-47370)
Vulnerability from nvd – Published: 2026-06-12 02:27 – Updated: 2026-06-13 03:55
VLAI
Summary
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within such UniFi OS devices or instances.
Severity
9.9 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
32 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express |
Affected:
0 , < 4.0.15
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.15
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47370",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-13T03:55:51.078Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.0.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within such UniFi OS devices or instances."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T02:27:43.642Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-065-065/aa46a22b-fc43-4eae-9382-6fc8feda967a"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-47370",
"datePublished": "2026-06-12T02:27:43.642Z",
"dateReserved": "2026-05-19T15:00:09.320Z",
"dateUpdated": "2026-06-13T03:55:51.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47369 (GCVE-0-2026-47369)
Vulnerability from nvd – Published: 2026-06-12 02:27 – Updated: 2026-06-13 03:55
VLAI
Summary
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances.
Severity
9.9 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
32 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express |
Affected:
0 , < 4.0.15
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.15
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47369",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-13T03:55:49.944Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.0.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T02:27:43.612Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-065-065/aa46a22b-fc43-4eae-9382-6fc8feda967a"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-47369",
"datePublished": "2026-06-12T02:27:43.612Z",
"dateReserved": "2026-05-19T15:00:09.320Z",
"dateUpdated": "2026-06-13T03:55:49.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47368 (GCVE-0-2026-47368)
Vulnerability from nvd – Published: 2026-06-12 02:27 – Updated: 2026-06-12 14:30
VLAI
Summary
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Path Traversal
Assigner
References
1 reference
Impacted products
32 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express |
Affected:
0 , < 4.0.15
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.15
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47368",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T14:29:49.966121Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T14:30:10.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.0.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T02:27:43.525Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-065-065/aa46a22b-fc43-4eae-9382-6fc8feda967a"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-47368",
"datePublished": "2026-06-12T02:27:43.525Z",
"dateReserved": "2026-05-19T15:00:09.320Z",
"dateUpdated": "2026-06-12T14:30:10.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34911 (GCVE-0-2026-34911)
Vulnerability from nvd – Published: 2026-05-22 00:43 – Updated: 2026-05-22 12:37
VLAI
Summary
A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information.
Severity
7.7 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Path Traversal
Assigner
References
1 reference
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.0.8
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.11
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.12
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T12:37:38.876728Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T12:37:48.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.0.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T00:43:49.189Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-34911",
"datePublished": "2026-05-22T00:43:49.189Z",
"dateReserved": "2026-03-31T15:00:06.521Z",
"dateUpdated": "2026-05-22T12:37:48.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34910 (GCVE-0-2026-34910)
Vulnerability from nvd – Published: 2026-05-22 00:43 – Updated: 2026-06-24 03:55Summary
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.
Severity
10 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://community.ui.com/releases/Security-Adviso… | |
| https://www.pwndefend.com/2026/06/09/cve-2026-349… | third-party-advisory |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.0.8
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.11
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.12
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34910",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-06-23",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34910"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T03:55:52.177Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.pwndefend.com/2026/06/09/cve-2026-34910-exploitation-itw-building-a-botnet-mirai/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34910"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-23T00:00:00.000Z",
"value": "CVE-2026-34910 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.0.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T00:43:49.096Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-34910",
"datePublished": "2026-05-22T00:43:49.096Z",
"dateReserved": "2026-03-31T15:00:06.521Z",
"dateUpdated": "2026-06-24T03:55:52.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34909 (GCVE-0-2026-34909)
Vulnerability from nvd – Published: 2026-05-22 00:43 – Updated: 2026-06-24 03:56Summary
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.
Severity
10 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Path Traversal
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://community.ui.com/releases/Security-Adviso… | |
| https://www.pwndefend.com/2026/06/09/cve-2026-349… | third-party-advisory |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
32 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.0.8
(semver)
|
|
| Ubiquiti Inc | Express |
Affected:
0 , < 4.0.14
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.11
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.12
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34909",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-06-23",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34909"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T03:56:19.760Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.pwndefend.com/2026/06/09/cve-2026-34910-exploitation-itw-building-a-botnet-mirai/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34909"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-23T00:00:00.000Z",
"value": "CVE-2026-34909 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.0.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.0.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T20:19:51.649Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-34909",
"datePublished": "2026-05-22T00:43:49.072Z",
"dateReserved": "2026-03-31T15:00:06.521Z",
"dateUpdated": "2026-06-24T03:56:19.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34908 (GCVE-0-2026-34908)
Vulnerability from nvd – Published: 2026-05-22 00:43 – Updated: 2026-06-24 03:55Summary
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.
Severity
10 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control - Generic
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://community.ui.com/releases/Security-Adviso… | |
| https://www.pwndefend.com/2026/06/09/cve-2026-349… | third-party-advisory |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.0.8
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.11
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.12
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34908",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-06-23",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34908"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T03:55:50.177Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.pwndefend.com/2026/06/09/cve-2026-34910-exploitation-itw-building-a-botnet-mirai/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34908"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-23T00:00:00.000Z",
"value": "CVE-2026-34908 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.0.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T00:43:49.077Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-34908",
"datePublished": "2026-05-22T00:43:49.077Z",
"dateReserved": "2026-03-31T15:00:06.521Z",
"dateUpdated": "2026-06-24T03:55:50.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-23091 (GCVE-0-2025-23091)
Vulnerability from nvd – Published: 2025-02-01 06:53 – Updated: 2025-03-13 12:54
VLAI
Summary
An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
1 reference
Impacted products
12 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UDM |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
4.1.11 , < 4.1.11
(semver)
|
|
| Ubiquiti Inc | UNVR PRO |
Affected:
4.1.11 , < 4.1.11
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
4.1.11 , < 4.1.11
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
4.1.11 , < 4.1.11
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
4.1.11 , < 4.1.11
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
4.1.13 , < 4.1.13
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23091",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T15:47:37.586798Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T12:54:46.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.11",
"status": "affected",
"version": "4.1.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR PRO",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.11",
"status": "affected",
"version": "4.1.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.11",
"status": "affected",
"version": "4.1.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.11",
"status": "affected",
"version": "4.1.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.11",
"status": "affected",
"version": "4.1.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-01T06:53:09.114Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-045-045/6011bc61-f2eb-457f-b71d-755703817aaf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2025-23091",
"datePublished": "2025-02-01T06:53:09.114Z",
"dateReserved": "2025-01-10T19:05:52.772Z",
"dateUpdated": "2025-03-13T12:54:46.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-47370 (GCVE-0-2026-47370)
Vulnerability from cvelistv5 – Published: 2026-06-12 02:27 – Updated: 2026-06-13 03:55
VLAI
Summary
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within such UniFi OS devices or instances.
Severity
9.9 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
32 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express |
Affected:
0 , < 4.0.15
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.15
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47370",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-13T03:55:51.078Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.0.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within such UniFi OS devices or instances."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T02:27:43.642Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-065-065/aa46a22b-fc43-4eae-9382-6fc8feda967a"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-47370",
"datePublished": "2026-06-12T02:27:43.642Z",
"dateReserved": "2026-05-19T15:00:09.320Z",
"dateUpdated": "2026-06-13T03:55:51.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47369 (GCVE-0-2026-47369)
Vulnerability from cvelistv5 – Published: 2026-06-12 02:27 – Updated: 2026-06-13 03:55
VLAI
Summary
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances.
Severity
9.9 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
32 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express |
Affected:
0 , < 4.0.15
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.15
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47369",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-13T03:55:49.944Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.0.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T02:27:43.612Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-065-065/aa46a22b-fc43-4eae-9382-6fc8feda967a"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-47369",
"datePublished": "2026-06-12T02:27:43.612Z",
"dateReserved": "2026-05-19T15:00:09.320Z",
"dateUpdated": "2026-06-13T03:55:49.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47368 (GCVE-0-2026-47368)
Vulnerability from cvelistv5 – Published: 2026-06-12 02:27 – Updated: 2026-06-12 14:30
VLAI
Summary
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Path Traversal
Assigner
References
1 reference
Impacted products
32 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express |
Affected:
0 , < 4.0.15
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.16
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.15
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47368",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T14:29:49.966121Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T14:30:10.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.0.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T02:27:43.525Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-065-065/aa46a22b-fc43-4eae-9382-6fc8feda967a"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-47368",
"datePublished": "2026-06-12T02:27:43.525Z",
"dateReserved": "2026-05-19T15:00:09.320Z",
"dateUpdated": "2026-06-12T14:30:10.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48610 (GCVE-0-2026-48610)
Vulnerability from cvelistv5 – Published: 2026-06-12 02:27 – Updated: 2026-06-12 11:48
VLAI
Summary
Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control - Generic
Assigner
References
1 reference
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.15
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.15
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T11:47:40.968047Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T11:48:09.018Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T02:27:43.468Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-065-065/aa46a22b-fc43-4eae-9382-6fc8feda967a"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-48610",
"datePublished": "2026-06-12T02:27:43.468Z",
"dateReserved": "2026-05-22T15:00:09.276Z",
"dateUpdated": "2026-06-12T11:48:09.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34911 (GCVE-0-2026-34911)
Vulnerability from cvelistv5 – Published: 2026-05-22 00:43 – Updated: 2026-05-22 12:37
VLAI
Summary
A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information.
Severity
7.7 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Path Traversal
Assigner
References
1 reference
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.0.8
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.11
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.12
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T12:37:38.876728Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T12:37:48.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.0.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T00:43:49.189Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-34911",
"datePublished": "2026-05-22T00:43:49.189Z",
"dateReserved": "2026-03-31T15:00:06.521Z",
"dateUpdated": "2026-05-22T12:37:48.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34910 (GCVE-0-2026-34910)
Vulnerability from cvelistv5 – Published: 2026-05-22 00:43 – Updated: 2026-06-24 03:55Summary
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.
Severity
10 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://community.ui.com/releases/Security-Adviso… | |
| https://www.pwndefend.com/2026/06/09/cve-2026-349… | third-party-advisory |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.0.8
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.11
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.12
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34910",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-06-23",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34910"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T03:55:52.177Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.pwndefend.com/2026/06/09/cve-2026-34910-exploitation-itw-building-a-botnet-mirai/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34910"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-23T00:00:00.000Z",
"value": "CVE-2026-34910 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.0.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T00:43:49.096Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-34910",
"datePublished": "2026-05-22T00:43:49.096Z",
"dateReserved": "2026-03-31T15:00:06.521Z",
"dateUpdated": "2026-06-24T03:55:52.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34908 (GCVE-0-2026-34908)
Vulnerability from cvelistv5 – Published: 2026-05-22 00:43 – Updated: 2026-06-24 03:55Summary
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.
Severity
10 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control - Generic
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://community.ui.com/releases/Security-Adviso… | |
| https://www.pwndefend.com/2026/06/09/cve-2026-349… | third-party-advisory |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.0.8
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.11
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.12
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34908",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-06-23",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34908"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T03:55:50.177Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.pwndefend.com/2026/06/09/cve-2026-34910-exploitation-itw-building-a-botnet-mirai/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34908"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-23T00:00:00.000Z",
"value": "CVE-2026-34908 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.0.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T00:43:49.077Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-34908",
"datePublished": "2026-05-22T00:43:49.077Z",
"dateReserved": "2026-03-31T15:00:06.521Z",
"dateUpdated": "2026-06-24T03:55:50.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34909 (GCVE-0-2026-34909)
Vulnerability from cvelistv5 – Published: 2026-05-22 00:43 – Updated: 2026-06-24 03:56Summary
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.
Severity
10 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Path Traversal
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://community.ui.com/releases/Security-Adviso… | |
| https://www.pwndefend.com/2026/06/09/cve-2026-349… | third-party-advisory |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
32 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UniFi OS Server |
Affected:
0 , < 5.0.8
(semver)
|
|
| Ubiquiti Inc | Express |
Affected:
0 , < 4.0.14
(semver)
|
|
| Ubiquiti Inc | UDM |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDM-Beast |
Affected:
0 , < 5.1.11
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UDR-5G |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | Express 7 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-Instant |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2 |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNVR-G2-Pro |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | ENVR-Core |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UNAS-2 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-4 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UNAS-Pro-8 |
Affected:
0 , < 5.1.10
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Ultra |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Fiber |
Affected:
0 , < 5.1.12
(semver)
|
|
| Ubiquiti Inc | UCG-Industrial |
Affected:
0 , < 5.1.12
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34909",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-06-23",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34909"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T03:56:19.760Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.pwndefend.com/2026/06/09/cve-2026-34910-exploitation-itw-building-a-botnet-mirai/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34909"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-23T00:00:00.000Z",
"value": "CVE-2026-34909 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.0.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.0.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T20:19:51.649Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-34909",
"datePublished": "2026-05-22T00:43:49.072Z",
"dateReserved": "2026-03-31T15:00:06.521Z",
"dateUpdated": "2026-06-24T03:56:19.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-23091 (GCVE-0-2025-23091)
Vulnerability from cvelistv5 – Published: 2025-02-01 06:53 – Updated: 2025-03-13 12:54
VLAI
Summary
An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
1 reference
Impacted products
12 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ubiquiti Inc | UDM |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | UDM-Pro |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | UDM-SE |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | UDM-Pro-Max |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | UDW |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | UNVR |
Affected:
4.1.11 , < 4.1.11
(semver)
|
|
| Ubiquiti Inc | UNVR PRO |
Affected:
4.1.11 , < 4.1.11
(semver)
|
|
| Ubiquiti Inc | UCKP |
Affected:
4.1.11 , < 4.1.11
(semver)
|
|
| Ubiquiti Inc | UCK |
Affected:
4.1.11 , < 4.1.11
(semver)
|
|
| Ubiquiti Inc | UCK-Enterprise |
Affected:
4.1.11 , < 4.1.11
(semver)
|
|
| Ubiquiti Inc | UCG-Max |
Affected:
4.1.13 , < 4.1.13
(semver)
|
|
| Ubiquiti Inc | EFG |
Affected:
4.1.13 , < 4.1.13
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23091",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T15:47:37.586798Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T12:54:46.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.11",
"status": "affected",
"version": "4.1.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR PRO",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.11",
"status": "affected",
"version": "4.1.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.11",
"status": "affected",
"version": "4.1.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.11",
"status": "affected",
"version": "4.1.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.11",
"status": "affected",
"version": "4.1.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "4.1.13",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-01T06:53:09.114Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-045-045/6011bc61-f2eb-457f-b71d-755703817aaf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2025-23091",
"datePublished": "2025-02-01T06:53:09.114Z",
"dateReserved": "2025-01-10T19:05:52.772Z",
"dateUpdated": "2025-03-13T12:54:46.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}