CVE-2026-54404

A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi OS to escalate privileges within such UniFi OS devices or instances.
Configurations

No configuration.

History

02 Jul 2026, 15:17

Type Values Removed Values Added
New CVE

Information

Published : 2026-07-02 15:17

Updated : 2026-07-03 04:17


NVD link : CVE-2026-54404

Mitre link : CVE-2026-54404

CVE.ORG link : CVE-2026-54404


JSON object : View

Products Affected

No product.

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')