SQL Injection Vulnerabilities in UniFi OS Devices by Ubiquiti Networks
CVE-2026-54404
8.8HIGH
What is CVE-2026-54404?
A series of authenticated SQL Injection vulnerabilities discovered in UniFi OS allows malicious users with network access and limited privileges to manipulate SQL queries. This exploitation can lead to unauthorized privilege escalation within affected devices, potentially compromising the integrity and security of network configurations.
Affected Version(s)
Cloud Gateways 0 < 5.1.19
Cloud Keys 0 < 5.1.19
Dream Machines 0 < 5.1.19
