Primary

Context

Ubiquiti airMAX Products Remote Code Execution Vulnerability

Vulnerability

Patched

A remote code execution vulnerability has been identified in certain Ubiquiti airMAX products, including the UBB-XG (versions through 1.2.2), UDB-Pro/UDB-Pro-Sector (versions through 1.4.1), and UBB (versions through 3.1.5). This vulnerability allows a malicious actor within Wi-Fi range to exploit an issue in the airMAX Wireless Protocol, potentially leading to unauthorized code execution on the affected device.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected device.

Remediation

Users are advised to update UBB-XG to version 1.2.3 or later, UDB-Pro/UDB-Pro-Sector to version 1.4.2 or later, and UBB to version 3.1.7 or later.

Added: Jan 8, 2026, 5:24 PM

Updated: Jan 8, 2026, 6:16 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

4.9

remediation

7.7

relevance

1.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

4.9

remediation

7.7

relevance

1.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ubiquiti airMAX Products Remote Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Ubiquiti UBB-XG

Ubiquiti UBB

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating