← volver
CVE-2026-47369

CVE-2026-47369

CVSS 9.9 CRITICALEPSS 0.3%CWE-20
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Productos afectados
Ubiquiti Inc · EFGUbiquiti Inc · ENVRUbiquiti Inc · ENVR-CoreUbiquiti Inc · ExpressUbiquiti Inc · Express 7Ubiquiti Inc · UCG-FiberUbiquiti Inc · UCG-IndustrialUbiquiti Inc · UCG-MaxUbiquiti Inc · UCG-UltraUbiquiti Inc · UCKUbiquiti Inc · UCK-EnterpriseUbiquiti Inc · UCKPUbiquiti Inc · UDMUbiquiti Inc · UDM-BeastUbiquiti Inc · UDM-ProUbiquiti Inc · UDM-Pro-MaxUbiquiti Inc · UDM-SEUbiquiti Inc · UDRUbiquiti Inc · UDR-5GUbiquiti Inc · UDR7Ubiquiti Inc · UDWUbiquiti Inc · UNAS-2Ubiquiti Inc · UNAS-4Ubiquiti Inc · UNAS-ProUbiquiti Inc · UNAS-Pro-4Ubiquiti Inc · UNAS-Pro-8Ubiquiti Inc · UniFi OS ServerUbiquiti Inc · UNVRUbiquiti Inc · UNVR-G2Ubiquiti Inc · UNVR-G2-ProUbiquiti Inc · UNVR-InstantUbiquiti Inc · UNVR-Pro

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://community.ui.com/releases/Security-Advisory-Bulletin-065-065/aa46a22b-fc43-4eae-9382-6fc8feda967a