Improper Input Validation in UniFi Access Application by Ubiquiti
CVE-2026-50748

9.9CRITICAL

Key Information:

Vendor
CVE Published:
2 July 2026

What is CVE-2026-50748?

A vulnerability in the UniFi Access Application allows unauthorized actors with network access and minimal privileges to exploit improper input validation. This can lead to a command injection attack on the host device, potentially compromising system integrity and security. Organizations using this application should ensure they are aware of this vulnerability and take necessary actions to mitigate the risk.

Affected Version(s)

UniFi Access Application 0 < 4.2.29

References

CVSS V3.1

Score:
9.9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.