ГлавнаяУязвимости → CVE-2026-54401
7.7высокая

CVE-2026-54401

Описание

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (SSRF) to escalate privileges within such UniFi OS devices or instances.

Затрагиваемое ПО
Ui Unifi os serverUi Unifi dream machine firmwareUi Unifi dream machineUi Unifi dream machine pro firmwareUi Unifi dream machine proUi Unifi dream machine special edition firmwareUi Unifi dream machine special editionUi Unifi dream machine pro max firmwareUi Unifi dream machine pro maxUi Unifi dream machine beast firmwareUi Unifi dream machine beastUi Enterprise fortress gateway firmwareUi Enterprise fortress gatewayUi Unifi dream router firmwareUi Unifi dream routerUi Unifi dream wall firmwareUi Unifi dream wallUi Unifi dream router 7 firmwareUi Unifi dream router 7Ui Unifi express 7 firmwareUi Unifi express 7Ui Unifi cloudkey firmwareUi Unifi cloudkeyUi Unifi cloud key plus firmwareUi Unifi cloud key plus
CVSS
Балл7.7 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Источники
https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc