Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities found for UniFi Play PowerAmp by Ubiquiti Inc
CVE-2026-22566 (GCVE-0-2026-22566)
Vulnerability from nvd – Published: 2026-04-13 21:28 – Updated: 2026-04-14 13:14
VLAI?
Summary
An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play Audio Port to Version 1.1.9 or later
Severity ?
7.5 (High)
CWE
- CWE-284 - Improper Access Control - Generic
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ubiquiti Inc | UniFi Play PowerAmp |
Affected:
0 , < 1.0.38
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22566",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T12:59:25.303372Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T13:14:19.836Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Play PowerAmp",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.0.38",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UniFi Play Audio Port",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.1.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials.\u2028 \n\nAffected Products:\nUniFi Play PowerAmp (Version 1.0.35 and earlier)\u2028\nUniFi Play Audio Port\u00a0 (Version 1.0.24 and earlier)\u2028 \n\nMitigation:\nUpdate UniFi Play PowerAmp to Version 1.0.38 or later\u2028\nUpdate UniFi Play Audio Port\u00a0 to Version 1.1.9 or later"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T21:28:10.973Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-22566",
"datePublished": "2026-04-13T21:28:10.973Z",
"dateReserved": "2026-01-07T15:39:03.441Z",
"dateUpdated": "2026-04-14T13:14:19.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22565 (GCVE-0-2026-22565)
Vulnerability from nvd – Published: 2026-04-13 21:28 – Updated: 2026-04-14 20:18
VLAI?
Summary
An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play Audio Port to Version 1.1.9 or later
Severity ?
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ubiquiti Inc | UniFi Play PowerAmp |
Affected:
0 , < 1.0.38
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-22565",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T20:18:25.833804Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T20:18:31.138Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Play PowerAmp",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.0.38",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UniFi Play Audio Port",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.1.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding.\u2028 \n\nAffected Products:\nUniFi Play PowerAmp (Version 1.0.35 and earlier)\u2028\nUniFi Play Audio Port\u00a0 (Version 1.0.24 and earlier)\u2028 \n\nMitigation:\nUpdate UniFi Play PowerAmp to Version 1.0.38 or later\u2028\nUpdate UniFi Play Audio Port\u00a0 to Version 1.1.9 or later"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T21:28:10.916Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-22565",
"datePublished": "2026-04-13T21:28:10.916Z",
"dateReserved": "2026-01-07T15:39:03.441Z",
"dateUpdated": "2026-04-14T20:18:31.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22564 (GCVE-0-2026-22564)
Vulnerability from nvd – Published: 2026-04-13 21:28 – Updated: 2026-04-14 13:14
VLAI?
Summary
An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play Audio Port to Version 1.1.9 or later
Severity ?
9.8 (Critical)
CWE
- CWE-284 - Improper Access Control - Generic
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ubiquiti Inc | UniFi Play PowerAmp |
Affected:
0 , < 1.0.38
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22564",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T12:59:47.135052Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T13:14:19.961Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Play PowerAmp",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.0.38",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UniFi Play Audio Port",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.1.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system.\u2028 \n\nAffected Products:\nUniFi Play PowerAmp (Version 1.0.35 and earlier)\u2028\nUniFi Play Audio Port\u00a0 (Version 1.0.24 and earlier)\u2028 \n\nMitigation:\nUpdate UniFi Play PowerAmp to Version 1.0.38 or later\u2028\nUpdate UniFi Play Audio Port\u00a0 to Version 1.1.9 or later"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T21:28:10.865Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-22564",
"datePublished": "2026-04-13T21:28:10.865Z",
"dateReserved": "2026-01-07T15:39:03.440Z",
"dateUpdated": "2026-04-14T13:14:19.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22563 (GCVE-0-2026-22563)
Vulnerability from nvd – Published: 2026-04-13 21:28 – Updated: 2026-04-14 13:14
VLAI?
Summary
A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play Audio Port to Version 1.1.9 or later
Severity ?
9.8 (Critical)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ubiquiti Inc | UniFi Play PowerAmp |
Affected:
0 , < 1.0.38
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22563",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T12:59:16.083892Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T13:14:19.586Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Play PowerAmp",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.0.38",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UniFi Play Audio Port",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.1.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network.\n \nAffected Products:\nUniFi Play PowerAmp (Version 1.0.35 and earlier)\u2028\nUniFi Play Audio Port\u00a0 (Version 1.0.24 and earlier)\u2028 \n\nMitigation:\nUpdate UniFi Play PowerAmp to Version 1.0.38 or later\u2028\nUpdate UniFi Play Audio Port\u00a0 to Version 1.1.9 or later"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T21:28:11.100Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-22563",
"datePublished": "2026-04-13T21:28:11.100Z",
"dateReserved": "2026-01-07T15:39:03.440Z",
"dateUpdated": "2026-04-14T13:14:19.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22562 (GCVE-0-2026-22562)
Vulnerability from nvd – Published: 2026-04-13 21:28 – Updated: 2026-04-14 13:14
VLAI?
Summary
A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code execution (RCE).
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play Audio Port to Version 1.1.9 or later
Severity ?
9.8 (Critical)
CWE
- CWE-22 - Path Traversal
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ubiquiti Inc | UniFi Play PowerAmp |
Affected:
0 , < 1.0.38
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22562",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T12:58:13.202458Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T13:14:19.709Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Play PowerAmp",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.0.38",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UniFi Play Audio Port",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.1.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code execution (RCE).\n \nAffected Products:\nUniFi Play PowerAmp (Version 1.0.35 and earlier)\u2028UniFi Play Audio Port\u00a0 (Version 1.0.24 and earlier)\u2028 \nMitigation:\nUpdate UniFi Play PowerAmp to Version 1.0.38 or later\u2028Update UniFi Play Audio Port\u00a0 to Version 1.1.9 or later"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T21:28:11.025Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-22562",
"datePublished": "2026-04-13T21:28:11.025Z",
"dateReserved": "2026-01-07T15:39:03.440Z",
"dateUpdated": "2026-04-14T13:14:19.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22563 (GCVE-0-2026-22563)
Vulnerability from cvelistv5 – Published: 2026-04-13 21:28 – Updated: 2026-04-14 13:14
VLAI?
Summary
A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play Audio Port to Version 1.1.9 or later
Severity ?
9.8 (Critical)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ubiquiti Inc | UniFi Play PowerAmp |
Affected:
0 , < 1.0.38
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22563",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T12:59:16.083892Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T13:14:19.586Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Play PowerAmp",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.0.38",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UniFi Play Audio Port",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.1.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network.\n \nAffected Products:\nUniFi Play PowerAmp (Version 1.0.35 and earlier)\u2028\nUniFi Play Audio Port\u00a0 (Version 1.0.24 and earlier)\u2028 \n\nMitigation:\nUpdate UniFi Play PowerAmp to Version 1.0.38 or later\u2028\nUpdate UniFi Play Audio Port\u00a0 to Version 1.1.9 or later"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T21:28:11.100Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-22563",
"datePublished": "2026-04-13T21:28:11.100Z",
"dateReserved": "2026-01-07T15:39:03.440Z",
"dateUpdated": "2026-04-14T13:14:19.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22562 (GCVE-0-2026-22562)
Vulnerability from cvelistv5 – Published: 2026-04-13 21:28 – Updated: 2026-04-14 13:14
VLAI?
Summary
A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code execution (RCE).
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play Audio Port to Version 1.1.9 or later
Severity ?
9.8 (Critical)
CWE
- CWE-22 - Path Traversal
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ubiquiti Inc | UniFi Play PowerAmp |
Affected:
0 , < 1.0.38
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22562",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T12:58:13.202458Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T13:14:19.709Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Play PowerAmp",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.0.38",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UniFi Play Audio Port",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.1.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code execution (RCE).\n \nAffected Products:\nUniFi Play PowerAmp (Version 1.0.35 and earlier)\u2028UniFi Play Audio Port\u00a0 (Version 1.0.24 and earlier)\u2028 \nMitigation:\nUpdate UniFi Play PowerAmp to Version 1.0.38 or later\u2028Update UniFi Play Audio Port\u00a0 to Version 1.1.9 or later"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T21:28:11.025Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-22562",
"datePublished": "2026-04-13T21:28:11.025Z",
"dateReserved": "2026-01-07T15:39:03.440Z",
"dateUpdated": "2026-04-14T13:14:19.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22566 (GCVE-0-2026-22566)
Vulnerability from cvelistv5 – Published: 2026-04-13 21:28 – Updated: 2026-04-14 13:14
VLAI?
Summary
An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play Audio Port to Version 1.1.9 or later
Severity ?
7.5 (High)
CWE
- CWE-284 - Improper Access Control - Generic
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ubiquiti Inc | UniFi Play PowerAmp |
Affected:
0 , < 1.0.38
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22566",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T12:59:25.303372Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T13:14:19.836Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Play PowerAmp",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.0.38",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UniFi Play Audio Port",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.1.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials.\u2028 \n\nAffected Products:\nUniFi Play PowerAmp (Version 1.0.35 and earlier)\u2028\nUniFi Play Audio Port\u00a0 (Version 1.0.24 and earlier)\u2028 \n\nMitigation:\nUpdate UniFi Play PowerAmp to Version 1.0.38 or later\u2028\nUpdate UniFi Play Audio Port\u00a0 to Version 1.1.9 or later"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T21:28:10.973Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-22566",
"datePublished": "2026-04-13T21:28:10.973Z",
"dateReserved": "2026-01-07T15:39:03.441Z",
"dateUpdated": "2026-04-14T13:14:19.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22565 (GCVE-0-2026-22565)
Vulnerability from cvelistv5 – Published: 2026-04-13 21:28 – Updated: 2026-04-14 20:18
VLAI?
Summary
An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play Audio Port to Version 1.1.9 or later
Severity ?
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ubiquiti Inc | UniFi Play PowerAmp |
Affected:
0 , < 1.0.38
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-22565",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T20:18:25.833804Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T20:18:31.138Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Play PowerAmp",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.0.38",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UniFi Play Audio Port",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.1.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding.\u2028 \n\nAffected Products:\nUniFi Play PowerAmp (Version 1.0.35 and earlier)\u2028\nUniFi Play Audio Port\u00a0 (Version 1.0.24 and earlier)\u2028 \n\nMitigation:\nUpdate UniFi Play PowerAmp to Version 1.0.38 or later\u2028\nUpdate UniFi Play Audio Port\u00a0 to Version 1.1.9 or later"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T21:28:10.916Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-22565",
"datePublished": "2026-04-13T21:28:10.916Z",
"dateReserved": "2026-01-07T15:39:03.441Z",
"dateUpdated": "2026-04-14T20:18:31.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22564 (GCVE-0-2026-22564)
Vulnerability from cvelistv5 – Published: 2026-04-13 21:28 – Updated: 2026-04-14 13:14
VLAI?
Summary
An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play Audio Port to Version 1.1.9 or later
Severity ?
9.8 (Critical)
CWE
- CWE-284 - Improper Access Control - Generic
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ubiquiti Inc | UniFi Play PowerAmp |
Affected:
0 , < 1.0.38
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22564",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T12:59:47.135052Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T13:14:19.961Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UniFi Play PowerAmp",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.0.38",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UniFi Play Audio Port",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "1.1.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system.\u2028 \n\nAffected Products:\nUniFi Play PowerAmp (Version 1.0.35 and earlier)\u2028\nUniFi Play Audio Port\u00a0 (Version 1.0.24 and earlier)\u2028 \n\nMitigation:\nUpdate UniFi Play PowerAmp to Version 1.0.38 or later\u2028\nUpdate UniFi Play Audio Port\u00a0 to Version 1.1.9 or later"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T21:28:10.865Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2026-22564",
"datePublished": "2026-04-13T21:28:10.865Z",
"dateReserved": "2026-01-07T15:39:03.440Z",
"dateUpdated": "2026-04-14T13:14:19.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}