Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-54403

CVSS 8.6 · High EPSS 0.46% · P37

Affected Version Matrix 12

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-54403

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Ubiquiti UniFi OS Server 路径遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Ubiquiti Inc UniFi OS Server是Ubiquiti Inc公司的网络设备管理软件。 Ubiquiti UniFi OS Server存在路径遍历漏洞,该漏洞源于路径遍历问题,可能导致拥有网络访问权限的攻击者绕过身份验证。以下版本受到影响:UniFi OS Server 5.1.19之前版本、Dream Machines 5.1.19之前版本、Enterprise Fortress Gateway 5.1.19之前版本、Dream Wall 5.1.19之前版本、Dream Rout
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Ubiquiti IncUniFi OS Server 0 ~ 5.1.19 -
Ubiquiti IncDream Machines 0 ~ 5.1.19 -
Ubiquiti IncEnterprise Fortress Gateway 0 ~ 5.1.19 -
Ubiquiti IncDream Wall 0 ~ 5.1.19 -
Ubiquiti IncDream Routers 0 ~ 5.1.19 -
Ubiquiti IncExpress 7 0 ~ 5.1.19 -
Ubiquiti IncCloud Keys 0 ~ 5.1.19 -
Ubiquiti IncNetwork Video Recorders 0 ~ 5.1.19 -
Ubiquiti IncEnterprise Video Recorders 0 ~ 5.1.19 -
Ubiquiti IncCloud Gateways 0 ~ 5.1.19 -
Ubiquiti IncNetwork Attached Storage 0 ~ 5.1.19 -
Ubiquiti IncEnterprise Firewall Core 0 ~ 5.1.19 -

II. Public POCs for CVE-2026-54403

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-54403

登录查看更多情报信息。

Same Patch Batch · Ubiquiti Inc · 2026-07-02 · 25 CVEs total

CVE-2026-5074610.0 CRITICALUbiquiti UniFi Connect Application 权限许可和访问控制问题漏洞
CVE-2026-544029.9 CRITICALUbiquiti UniFi OS Server 输入验证错误漏洞
CVE-2026-551159.9 CRITICALUbiquiti UniFi Protect Application 服务端请求伪造漏洞
CVE-2026-507479.9 CRITICALUbiquiti UniFi Talk Application SQL注入漏洞
CVE-2026-507489.9 CRITICALUbiquiti UniFi Access Application 输入验证错误漏洞
CVE-2026-544009.1 CRITICALUbiquiti UniFi Access Application 权限许可和访问控制问题漏洞
CVE-2026-551169.0 CRITICALUbiquiti Dream Machines 权限许可和访问控制问题漏洞
CVE-2026-544048.8 HIGHUbiquiti UniFi OS Server SQL注入漏洞
CVE-2026-551148.8 HIGHUbiquiti UniFi Network Application 权限许可和访问控制问题漏洞
CVE-2026-568418.8 HIGHUbiquiti UniFi Protect Application SQL注入漏洞
CVE-2026-544068.7 HIGHUbiquiti UniFi Network Application 路径遍历漏洞
CVE-2026-544078.6 HIGHUbiquiti UniFi Protect Application 权限许可和访问控制问题漏洞
CVE-2026-551178.6 HIGHUbiquiti UniFi Access Application 路径遍历漏洞
CVE-2026-544088.6 HIGHUbiquiti UniFi Protect Application 权限许可和访问控制问题漏洞
CVE-2026-551188.3 HIGHUbiquiti UniFi Network Application 权限许可和访问控制问题漏洞
CVE-2026-551198.1 HIGHUbiquiti UniFi Talk Application 权限许可和访问控制问题漏洞
CVE-2026-544017.7 HIGHUbiquiti UniFi OS Server 服务端请求伪造漏洞
CVE-2026-568427.5 HIGHUbiquiti UniFi Network Application 授权问题漏洞
CVE-2026-544097.5 HIGHUbiquiti UniFi Protect Application 资源管理错误漏洞
CVE-2026-551107.5 HIGHUbiquiti UniFi OS Server 配置错误漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

V. Comments for CVE-2026-54403

No comments yet


Leave a comment