CVE Catalog
CVE-2026-50748
CriticalCVSS 9.9Summary
A vulnerability in UniFi Access Application allows an attacker with network access and low privileges to execute command injection on the host device due to improper input validation.
Risk Assessment
An attacker could gain control over the device, leading to compromise of confidentiality, integrity, and availability of the system.
Recommendation
Immediately update UniFi Access Application to the latest version and restrict network access to trusted hosts only.
Original NVD description (English source)
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device.

