A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Thu, 02 Jul 2026 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Ubiquiti
Ubiquiti unifi Network Application |
|
| Vendors & Products |
Ubiquiti
Ubiquiti unifi Network Application |
Thu, 02 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 02 Jul 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device. | |
| Weaknesses | CWE-22 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: hackerone
Published:
Updated: 2026-07-02T16:10:43.419Z
Reserved: 2026-06-13T15:00:00.605Z
Link: CVE-2026-54406
Updated: 2026-07-02T16:10:40.652Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-02T17:00:15Z
Weaknesses