HIGHCVE-2026-21638Published Modified CNA hackerone
CVE-2026-21638: A malicious actor in Wi-Fi range of the affected product could leverage a vulnerability in the airMAX Wireless Protocol to achieve a remote code execution (RCE) within the affected product
A malicious actor in Wi-Fi range of the affected product could leverage a vulnerability in the airMAX Wireless Protocol to achieve a remote code execution (RCE) within the affected product. Affected Products: UBB-XG (Version 1.2.2 and earlier) UDB-Pro/UDB-Pro-Sector (Version 1.4.1 and earlier) UBB (Version 3.1.5 and earlier) Mitigation: Update your UBB-XG to Version 1.2.3 or later. Update your UDB-Pro/UDB-Pro-Sector to Version 1.4.2 or later. Update your UBB to Version 3.1.7 or later.
Metrics
- CVSS v3.1
- 8.8
- Severity
- HIGH
- Fixed in
- 1.2.3
- Affected Products
- 3
Fix available
1.2.31.4.23.1.7
Affected packages
- Ubiquiti Inc / UBB-XG< 1.2.3 (from 0)
- Ubiquiti Inc / UDB-Pro/UDB-Pro-Sector< 1.4.2 (from 0)
- Ubiquiti Inc / UBB< 3.1.7 (from 0)
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HReferences