CVE Catalog

CVE-2026-54406

HighCVSS 8.7
Published: Updated: Translated: NVD NIST

Summary

A Path Traversal vulnerability in self-hosted instances of UniFi Network Application allows an attacker with network access and high privileges to escalate write permissions on the host device.

Risk Assessment

An attacker could gain unauthorized write access to the host, potentially leading to full system compromise and data integrity violation.

Recommendation

Immediately update UniFi Network Application to the latest version and restrict network access to trusted users only.

Original NVD description (English source)

A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS