PT-2026-55240 · Ubiquiti · Cloud Gateways+11
Publicado
2026-07-02
·
Atualizado
2026-07-02
·
CVE-2026-54404
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi OS to escalate privileges within such UniFi OS devices or instances.
Correção
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cloud Gateways
Cloud Keys
Dream Machines
Dream Routers
Dream Wall
Enterprise Firewall Core
Enterprise Fortress Gateway
Enterprise Video Recorders
Express 7
Network Attached Storage
Network Video Recorders
Unifi Os Server