HarborGuard / CVE
Back to search
CRITICALCVE-2026-33000Published Modified CNA hackerone

CVE-2026-33000: A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection

A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.

Metrics

CVSS v3.1
9.1
Severity
CRITICAL
Fixed in
5.0.8
Affected Products
1

Fix available

5.0.8
Affected packages
  • Ubiquiti Inc / UniFi OS Server
    < 5.0.8 (from 0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
References
CVE-2026-33000: A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection | HarborGuard CVE