Improper Access Control Vulnerability in UniFi Connect Application by Ubiquiti
CVE-2026-50746

10CRITICAL

Key Information:

Vendor
CVE Published:
2 July 2026

What is CVE-2026-50746?

A vulnerability exists in the UniFi Connect Application due to improper access control mechanisms. This flaw allows a malicious actor with network access to exploit the system by executing arbitrary commands on the host device. As a result, unauthorized actions could be performed, potentially compromising sensitive data and overall system integrity. Organizations using this application should prioritize security updates and review their network access controls.

Affected Version(s)

UniFi Connect Application 0 < 3.4.20

References

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.