ui unas_pro_firmware CVE Vulnerabilities (9)

CVEs: 9 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting ui unas_pro_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 19 of 9 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-55110 A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing (CORS) misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session. [email protected] 7.5 0.14% 2026-07-02 2026-07-09
CVE-2026-54404 A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi OS to escalate privileges within such UniFi OS devices or instances. [email protected] 8.8 0.24% 2026-07-02 2026-07-09
CVE-2026-54403 A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances. [email protected] 8.6 0.48% 2026-07-02 2026-07-09
CVE-2026-54402 A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device. [email protected] 9.9 0.87% 2026-07-02 2026-07-09
CVE-2026-54401 A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (SSRF) to escalate privileges within such UniFi OS devices or instances. [email protected] 7.7 0.20% 2026-07-02 2026-07-09
CVE-2026-34911 A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information. [email protected] 7.7 0.66% 2026-05-21 2026-06-24
CVE-2026-34910 KEV A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection. [email protected] 10.0 78.55% 2026-05-21 2026-06-24
CVE-2026-34909 KEV A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account. [email protected] 10.0 2.27% 2026-05-21 2026-06-24
CVE-2026-34908 KEV A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system. [email protected] 10.0 2.45% 2026-05-21 2026-06-24
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence