{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-47369: A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-47369","status":"final","version":"1","initial_release_date":"2026-06-12T02:27:43.612Z","current_release_date":"2026-06-13T03:55:49.944Z","revision_history":[{"date":"2026-06-12T02:27:43.612Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-47369 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-47369"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-47369"},{"category":"external","summary":"community.ui.com","url":"https://community.ui.com/releases/Security-Advisory-Bulletin-065-065/aa46a22b-fc43-4eae-9382-6fc8feda967a"}]},"product_tree":{"branches":[{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UniFi OS Server","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UniFi OS Server <5.1.15","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:unifi_os_server:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"Express","branches":[{"category":"product_version_range","name":"<4.0.15","product":{"name":"Ubiquiti Inc Express <4.0.15","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:express:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UDM","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UDM <5.1.15","product_id":"CSAFPID-3","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:udm:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UDM-Pro","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UDM-Pro <5.1.15","product_id":"CSAFPID-4","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:udm-pro:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UDM-SE","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UDM-SE <5.1.15","product_id":"CSAFPID-5","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:udm-se:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UDM-Pro-Max","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UDM-Pro-Max <5.1.15","product_id":"CSAFPID-6","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:udm-pro-max:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UDM-Beast","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UDM-Beast <5.1.15","product_id":"CSAFPID-7","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:udm-beast:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"EFG","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc EFG <5.1.15","product_id":"CSAFPID-8","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:efg:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UDW","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UDW <5.1.15","product_id":"CSAFPID-9","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:udw:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UDR","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UDR <5.1.15","product_id":"CSAFPID-10","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:udr:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UDR7","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UDR7 <5.1.15","product_id":"CSAFPID-11","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:udr7:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UDR-5G","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UDR-5G <5.1.15","product_id":"CSAFPID-12","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:udr-5g:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"Express 7","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc Express 7 <5.1.15","product_id":"CSAFPID-13","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:express_7:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UNVR","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UNVR <5.1.15","product_id":"CSAFPID-14","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:unvr:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UNVR-Pro","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UNVR-Pro <5.1.15","product_id":"CSAFPID-15","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:unvr-pro:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UNVR-Instant","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UNVR-Instant <5.1.15","product_id":"CSAFPID-16","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:unvr-instant:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UNVR-G2","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UNVR-G2 <5.1.15","product_id":"CSAFPID-17","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:unvr-g2:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UNVR-G2-Pro","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UNVR-G2-Pro <5.1.15","product_id":"CSAFPID-18","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:unvr-g2-pro:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"ENVR","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc ENVR <5.1.15","product_id":"CSAFPID-19","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:envr:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"ENVR-Core","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc ENVR-Core <5.1.15","product_id":"CSAFPID-20","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:envr-core:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UNAS-2","branches":[{"category":"product_version_range","name":"<5.1.16","product":{"name":"Ubiquiti Inc UNAS-2 <5.1.16","product_id":"CSAFPID-21","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:unas-2:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UNAS-4","branches":[{"category":"product_version_range","name":"<5.1.16","product":{"name":"Ubiquiti Inc UNAS-4 <5.1.16","product_id":"CSAFPID-22","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:unas-4:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UNAS-Pro","branches":[{"category":"product_version_range","name":"<5.1.16","product":{"name":"Ubiquiti Inc UNAS-Pro <5.1.16","product_id":"CSAFPID-23","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:unas-pro:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UNAS-Pro-4","branches":[{"category":"product_version_range","name":"<5.1.16","product":{"name":"Ubiquiti Inc UNAS-Pro-4 <5.1.16","product_id":"CSAFPID-24","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:unas-pro-4:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UNAS-Pro-8","branches":[{"category":"product_version_range","name":"<5.1.16","product":{"name":"Ubiquiti Inc UNAS-Pro-8 <5.1.16","product_id":"CSAFPID-25","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:unas-pro-8:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UCKP","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UCKP <5.1.15","product_id":"CSAFPID-26","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:uckp:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UCK","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UCK <5.1.15","product_id":"CSAFPID-27","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:uck:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UCK-Enterprise","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UCK-Enterprise <5.1.15","product_id":"CSAFPID-28","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:uck-enterprise:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UCG-Ultra","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UCG-Ultra <5.1.15","product_id":"CSAFPID-29","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:ucg-ultra:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UCG-Max","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UCG-Max <5.1.15","product_id":"CSAFPID-30","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:ucg-max:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UCG-Fiber","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UCG-Fiber <5.1.15","product_id":"CSAFPID-31","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:ucg-fiber:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"UCG-Industrial","branches":[{"category":"product_version_range","name":"<5.1.15","product":{"name":"Ubiquiti Inc UCG-Industrial <5.1.15","product_id":"CSAFPID-32","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:ucg-industrial:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-47369","title":"A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances","notes":[{"category":"description","text":"A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7","CSAFPID-8","CSAFPID-9","CSAFPID-10","CSAFPID-11","CSAFPID-12","CSAFPID-13","CSAFPID-14","CSAFPID-15","CSAFPID-16","CSAFPID-17","CSAFPID-18","CSAFPID-19","CSAFPID-20","CSAFPID-21","CSAFPID-22","CSAFPID-23","CSAFPID-24","CSAFPID-25","CSAFPID-26","CSAFPID-27","CSAFPID-28","CSAFPID-29","CSAFPID-30","CSAFPID-31","CSAFPID-32"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL"},"products":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7","CSAFPID-8","CSAFPID-9","CSAFPID-10","CSAFPID-11","CSAFPID-12","CSAFPID-13","CSAFPID-14","CSAFPID-15","CSAFPID-16","CSAFPID-17","CSAFPID-18","CSAFPID-19","CSAFPID-20","CSAFPID-21","CSAFPID-22","CSAFPID-23","CSAFPID-24","CSAFPID-25","CSAFPID-26","CSAFPID-27","CSAFPID-28","CSAFPID-29","CSAFPID-30","CSAFPID-31","CSAFPID-32"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: 4.0.15, 5.1.15, 5.1.16.","product_ids":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7","CSAFPID-8","CSAFPID-9","CSAFPID-10","CSAFPID-11","CSAFPID-12","CSAFPID-13","CSAFPID-14","CSAFPID-15","CSAFPID-16","CSAFPID-17","CSAFPID-18","CSAFPID-19","CSAFPID-20","CSAFPID-21","CSAFPID-22","CSAFPID-23","CSAFPID-24","CSAFPID-25","CSAFPID-26","CSAFPID-27","CSAFPID-28","CSAFPID-29","CSAFPID-30","CSAFPID-31","CSAFPID-32"]}]}]}