Ubiquiti Inc Unifi Play Audio Port vulnerabilities
5 known vulnerabilities affecting ubiquiti_inc/unifi_play_audio_port.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH2
Vulnerabilities
Page 1 of 1
CVE-2026-22562P2CRITICALCVSS 9.8fixed in 1.1.92026-04-13
CVE-2026-22562 [CRITICAL] CWE-22 CVE-2026-22562: A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability
A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code execution (RCE).
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier) UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Updat
nvd
CVE-2026-22563P2CRITICALCVSS 9.8fixed in 1.1.92026-04-13
CVE-2026-22563 [CRITICAL] CWE-20 CVE-2026-22563: A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious
A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play
nvd
CVE-2026-22564P3CRITICALCVSS 9.8fixed in 1.1.92026-04-13
CVE-2026-22564 [CRITICAL] CWE-284 CVE-2026-22564: An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play
An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or l
nvd
CVE-2026-22566P3HIGHCVSS 7.5fixed in 1.1.92026-04-13
CVE-2026-22566 [HIGH] CWE-284 CVE-2026-22566: An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play
An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Play
nvd
CVE-2026-22565P3HIGHCVSS 7.5fixed in 1.1.92026-04-13
CVE-2026-22565 [HIGH] CWE-20 CVE-2026-22565: An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Pl
An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding.
Affected Products:
UniFi Play PowerAmp (Version 1.0.35 and earlier)
UniFi Play Audio Port (Version 1.0.24 and earlier)
Mitigation:
Update UniFi Play PowerAmp to Version 1.0.38 or later
Update UniFi Pla
nvd