CVE-2026-47369

CVSS v3.1

9.9

Critical

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2026-47369

Affected Products

Efg

Envr

Envr-Core

Express

Express 7

Ucg-Fiber

Ucg-Industrial

Ucg-Max

Ucg-Ultra

Uck

Uck-Enterprise

Uckp

Udm

Udm-Beast

Udm-Pro

Udm-Pro-Max

Udm-Se

Udr

Udr-5G

Udr7

Udw

Unas-2

Unas-4

Unas-Pro

Unas-Pro-4

Unas-Pro-8

Unvr

Unvr-G2

Unvr-G2-Pro

Unvr-Instant

Unvr-Pro

Unifi Os Server

CVE-2026-47369

Weakness Enumeration

Related Identifiers

Affected Products

References · 2