CVE Catalog

CVE-2026-33000

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
1.12%

62th percentile — higher than 62% of all known CVEs

Summary

There is an improper input validation vulnerability in UniFi OS devices that can be exploited by a malicious actor with network access and high privileges to execute a Command Injection attack.

Risk Assessment

The organization may be exposed to unauthorized command execution, potentially leading to serious security breaches.

Recommendation

It is recommended to conduct a security audit and update UniFi OS devices to mitigate this vulnerability.

Original NVD description (English source)

A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS