9.9
CVE-2026-50748
- EPSS 0.81%
- Veröffentlicht 02.07.2026 14:49:16
- Zuletzt bearbeitet 09.07.2026 13:21:36
- Quelle support@hackerone.com
- CVE-Watchlists
- Unerledigt
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ui ≫ Unifi Access Application Version < 4.2.29
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.81% | 0.525 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| support@hackerone.com | 9.9 | 3.1 | 6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc