Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation
Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation
Publish Date: 2026-07-08 17:11:00
Source Domain: securityaffairs.com
Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation
Pierluigi Paganini
July 08, 2026

Ubiquiti patched seven UniFi OS flaws, including critical CVE-2026-50746, which allows command injection in UniFi Connect Application.
Ubiquiti released security updates for seven critical UniFi OS vulnerabilities, including a maximum-severity flaw, tracked as CVE-2026-50746 (CVSS score of 10.0), enabling command injection attacks.
The issue affects UniFi Connect Application versions 3.4.16 and earlier, a platform used to manage commercial building systems such as smart lighting and EV chargers. Organizations using affected versions should update promptly to reduce compromise risks.
“A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device.” reads the advisory.
The vendor also addressed thcritical vulnerabilities:
- CVE-2026-50747 (CVSS score of 9.9): The vulnerability affects UniFi Talk Application and consists of authenticated SQL injection flaws. A low-privileged attacker with network access can exploit the issue to escalate privileges and gain greater control over the host device.
- CVE-2026-50748 (CVSS score of 9.9): The vulnerability affects UniFi Access Application and is caused by improper input validation. A low-privileged attacker with network access can exploit the flaw to execute commands on the host device.
- CVE-2026-54400 (CVSS score of 9.1): The vulnerability affects UniFi Access Application and is caused by improper access control. A high-privileged attacker can exploit it to escalate privileges on the affected host device.
- CVE-2026-54402 (CVSS score of 9.9): The vulnerability affects multiple UniFi OS devices and allows a low-privileged attacker with network access to exploit an SSRF vulnerability,…