CVE Catalog

CVE-2026-50748

CriticalCVSS 9.9
Published: Updated: Translated: NVD NIST

Summary

A vulnerability in UniFi Access Application allows an attacker with network access and low privileges to execute command injection on the host device due to improper input validation.

Risk Assessment

An attacker could gain control over the device, leading to compromise of confidentiality, integrity, and availability of the system.

Recommendation

Immediately update UniFi Access Application to the latest version and restrict network access to trusted hosts only.

Original NVD description (English source)

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS