Ubiquiti UniFi OS Improper Input Validation Vulnerability Leading to Command Injection

Vulnerability

A vulnerability allowing command injection has been identified in UniFi OS devices. This issue arises from improper input validation, which could be exploited by a malicious actor with network access.

Impact

Exploitation of this vulnerability allows for command injection on the affected device.

Added: May 22, 2026, 2:19 AM

Updated: May 22, 2026, 2:19 AM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

4.9

remediation

0.0

relevance

9.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

4.9

remediation

0.0

relevance

9.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ubiquiti UniFi OS Improper Input Validation Vulnerability Leading to Command Injection

Vulnerability

Impact

Affected Products

Ubiquiti UniFi OS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating