A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi OS to escalate privileges within such UniFi OS devices or instances.
References
Configurations
No configuration.
History
02 Jul 2026, 15:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-07-02 15:17
Updated : 2026-07-03 04:17
NVD link : CVE-2026-54404
Mitre link : CVE-2026-54404
CVE.ORG link : CVE-2026-54404
JSON object : View
Products Affected
No product.
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
