Primary

Context

UniFi Network Server Improper Input Validation Vulnerability Allowing Unauthorized Account Access

Vulnerability

Patched

A vulnerability allowing unauthorized access to user accounts has been identified in UniFi Network Server versions through 10.1.85. This improper input validation issue could be exploited if an account owner is socially engineered into clicking a malicious link.

Impact

Exploitation of this vulnerability could lead to unauthorized access to user accounts on the affected UniFi Network Server.

Remediation

Users are advised to update UniFi Network Server to version 10.1.89 or later.

Added: Mar 24, 2026, 8:43 PM

Updated: Mar 24, 2026, 8:43 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

1.3

exploitability

5.8

remediation

7.7

relevance

4.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

1.3

exploitability

5.8

remediation

7.7

relevance

4.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

UniFi Network Server Improper Input Validation Vulnerability Allowing Unauthorized Account Access

Vulnerability

Impact

Remediation

Affected Products

UniFi Network Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating