Ubiquiti UniFi Network Application Authenticated NoSQL Injection Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability allowing authenticated NoSQL injection has been identified in the UniFi Network Application. This issue could enable a malicious actor with authenticated access to the network to escalate privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation within the application.

Added: Mar 19, 2026, 3:26 PM

Updated: Mar 19, 2026, 3:26 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

5.0

exploitability

3.5

remediation

0.0

relevance

4.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

5.0

exploitability

3.5

remediation

0.0

relevance

4.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ubiquiti UniFi Network Application Authenticated NoSQL Injection Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Affected Products

Ubiquiti UniFi Network Application

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating