Primary

Context

Ubiquiti AirControl Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in Ubiquiti AirControl version 1.4.2. This vulnerability allows unauthenticated attackers to execute arbitrary system commands by injecting malicious Java expressions. Exploitation occurs through the '/.seam' endpoint, where crafted URLs can be used to execute commands with the application's system privileges.

Impact

Exploitation of this vulnerability allows for pre-authentication remote code execution on the affected system.

Reproduction

To reproduce this vulnerability, send a GET request to the target AirControl server's '.seam' endpoint. Include a crafted URL that embeds Java expressions designed to execute system commands. The injected command's output can be retrieved by parsing the response.

Added: Jan 30, 2026, 11:21 PM

Updated: Jan 30, 2026, 11:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

2.5

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

2.5

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ubiquiti AirControl Remote Code Execution Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating