← back
CVE-2026-47368

CVE-2026-47368

CVSS 8.6 HIGHEPSS 0.4%CWE-22
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Affected products
Ubiquiti Inc · EFGUbiquiti Inc · ENVRUbiquiti Inc · ENVR-CoreUbiquiti Inc · ExpressUbiquiti Inc · Express 7Ubiquiti Inc · UCG-FiberUbiquiti Inc · UCG-IndustrialUbiquiti Inc · UCG-MaxUbiquiti Inc · UCG-UltraUbiquiti Inc · UCKUbiquiti Inc · UCK-EnterpriseUbiquiti Inc · UCKPUbiquiti Inc · UDMUbiquiti Inc · UDM-BeastUbiquiti Inc · UDM-ProUbiquiti Inc · UDM-Pro-MaxUbiquiti Inc · UDM-SEUbiquiti Inc · UDRUbiquiti Inc · UDR-5GUbiquiti Inc · UDR7Ubiquiti Inc · UDWUbiquiti Inc · UNAS-2Ubiquiti Inc · UNAS-4Ubiquiti Inc · UNAS-ProUbiquiti Inc · UNAS-Pro-4Ubiquiti Inc · UNAS-Pro-8Ubiquiti Inc · UniFi OS ServerUbiquiti Inc · UNVRUbiquiti Inc · UNVR-G2Ubiquiti Inc · UNVR-G2-ProUbiquiti Inc · UNVR-InstantUbiquiti Inc · UNVR-Pro

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://community.ui.com/releases/Security-Advisory-Bulletin-065-065/aa46a22b-fc43-4eae-9382-6fc8feda967a