PT-2026-55240 · Ubiquiti · Cloud Gateways+11

Publicado

2026-07-02

·

Atualizado

2026-07-02

·

CVE-2026-54404

CVSS v3.1

8.8

Alta

VetorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi OS to escalate privileges within such UniFi OS devices or instances.

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-54404

Produtos afetados

Cloud Gateways
Cloud Keys
Dream Machines
Dream Routers
Dream Wall
Enterprise Firewall Core
Enterprise Fortress Gateway
Enterprise Video Recorders
Express 7
Network Attached Storage
Network Video Recorders
Unifi Os Server