PT-2026-55243 · Ubiquiti · Unifi Protect Application

Published

2026-07-02

·

Updated

2026-07-02

·

CVE-2026-54407

CVSS v3.1

8.6

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication in certain UniFi Protect Application API endpoints.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-54407

Affected Products

Unifi Protect Application