CVE Catalog

CVE-2026-50746

CriticalCVSS 10.0
Published: Updated: Translated: NVD NIST

Summary

A vulnerability in the UniFi Connect application allows an attacker with network access to execute command injection on the host device due to improper access control.

Risk Assessment

An attacker could gain full control of the device, compromising the confidentiality, integrity, and availability of the system.

Recommendation

Immediately update the UniFi Connect application to the latest version and restrict network access to trusted hosts only.

Original NVD description (English source)

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS