CVE Catalog
CVE-2026-50746
CriticalCVSS 10.0Summary
A vulnerability in the UniFi Connect application allows an attacker with network access to execute command injection on the host device due to improper access control.
Risk Assessment
An attacker could gain full control of the device, compromising the confidentiality, integrity, and availability of the system.
Recommendation
Immediately update the UniFi Connect application to the latest version and restrict network access to trusted hosts only.
Original NVD description (English source)
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device.

