ГлавнаяУязвимости → CVE-2026-55112
7.5высокая

CVE-2026-55112

Описание

A malicious actor with access to the network and low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi OS with UniFi Protect Application to escalate privileges on the host device.

Затрагиваемое ПО
Ui Unifi dream machine pro firmwareUi Unifi dream machine proUi Unifi dream machine special edition firmwareUi Unifi dream machine special editionUi Unifi dream machine pro max firmwareUi Unifi dream machine pro maxUi Unifi dream machine beast firmwareUi Unifi dream machine beastUi Unifi dream router firmwareUi Unifi dream routerUi Unifi dream wall firmwareUi Unifi dream wallUi Unifi dream router 7 firmwareUi Unifi dream router 7Ui Unifi cloudkey firmwareUi Unifi cloudkeyUi Unifi network video recorder firmwareUi Unifi network video recorderUi Unifi network video recorder pro firmwareUi Unifi network video recorder proUi Unifi network video recorder instant firmwareUi Unifi network video recorder instantUi Enterprise network video recorder firmwareUi Enterprise network video recorderUi Enterprise network video recorder core firmware
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc