CVE Catalog
CVE-2026-33000
CriticalCVSS 9.1Exploitation Probability (EPSS)
Elevated risk1.12%
62th percentile — higher than 62% of all known CVEs
Summary
There is an improper input validation vulnerability in UniFi OS devices that can be exploited by a malicious actor with network access and high privileges to execute a Command Injection attack.
Risk Assessment
The organization may be exposed to unauthorized command execution, potentially leading to serious security breaches.
Recommendation
It is recommended to conduct a security audit and update UniFi OS devices to mitigate this vulnerability.
Original NVD description (English source)
A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.

