All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-47369
CRITICALpublished 2026-06-12 04:17 UTC · 13 days ago · modified 2026-06-12 16:10 UTC
9.9
CVSS / 10
// description
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances.
// cvss 3.1 vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
// weaknesses (CWE)
- CWE-20