CVE-2026-47370
Published 2026-06-12
Priority: P2 · 70 · critical · 9.9 (CVSS 3.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.83% (53.1th percentile)
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within such UniFi OS devices or instances.
Affected
32 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ubiquiti_inc | efg | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | envr | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | envr-core | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | express | < 4.0.15 | 4.0.15 |
| ubiquiti_inc | express_7 | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | ucg-fiber | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | ucg-industrial | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | ucg-max | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | ucg-ultra | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | uck | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | uck-enterprise | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | uckp | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | udm | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | udm-beast | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | udm-pro | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | udm-pro-max | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | udm-se | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | udr | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | udr-5g | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | udr7 | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | udw | < 5.1.15 | 5.1.15 |
| ubiquiti_inc | unas-2 | < 5.1.16 | 5.1.16 |
| ubiquiti_inc | unas-4 | < 5.1.16 | 5.1.16 |
| ubiquiti_inc | unas-pro | < 5.1.16 | 5.1.16 |
| ubiquiti_inc | unas-pro-4 | < 5.1.16 | 5.1.16 |
VulDB
Ubiquiti UniFi OS Server up to 5.1.14 command injection (EUVD-2026-36384 / WID-SEC-2026-1872)
vuldb · 2026-06-14 · CVSS 9.9
A vulnerability classified as critical has been found in Ubiquiti UniFi OS Server, Express, UDM, UDM-Pro, UDM-SE, UDM-Pro-Max, UDM-Beast, EFG, UDW, UDR, UDR7, UDR-5G, Express 7, UNVR, UNVR-Pro, UNVR-Instant, UNVR-G2, UNVR-G2-Pro, ENVR, ENVR-Core, UNAS-2, UNAS-4, UNAS-Pro, UNAS-Pro-4, UNAS-Pro-8, UCKP, UCK, UCK-Enterprise, UCG-Ultra, UCG-Max, UCG-Fiber and UCG-Industrial up to 5.1.14. The affected functionality is unknown. Manipulation of it leads to command injection.
This vulnerability is registered as CVE-2026-47370. The attack can be carried out remotely. No exploit is available.
Upgrading the affected component is advised.
GHSA
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within
ghsa_unreviewed · 2026-06-12
CVE-2026-47370 [CRITICAL] CWE-20
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within such UniFi OS devices or instances.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-06-12