Skip to main content

Ubiquiti CVE-2026-22565

| EUVDEUVD-2026-22094 HIGH
Improper Input Validation (CWE-20)
2026-04-13 hackerone GHSA-hj6r-ww52-66xr
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

10
Patch released
Apr 30, 2026 - 16:14 nvd
Patch available
Re-analysis Queued
Apr 17, 2026 - 15:37 vuln.today
cvss_changed
Analysis Updated
Apr 16, 2026 - 05:57 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
1.0.38,1.1.9
Analysis Generated
Apr 15, 2026 - 01:12 vuln.today
CVSS changed
Apr 14, 2026 - 21:22 NVD
7.5 (HIGH)
EUVD ID Assigned
Apr 13, 2026 - 21:45 euvd
EUVD-2026-22094
Analysis Generated
Apr 13, 2026 - 21:45 vuln.today
CVE Published
Apr 13, 2026 - 21:28 nvd
HIGH 7.5

DescriptionCVE.org

An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding.

Affected Products: UniFi Play PowerAmp (Version 1.0.35 and earlier) UniFi Play Audio Port  (Version 1.0.24 and earlier)

Mitigation: Update UniFi Play PowerAmp to Version 1.0.38 or later Update UniFi Play Audio Port  to Version 1.1.9 or later

AnalysisAI

Denial of service in Ubiquiti UniFi Play PowerAmp (≤1.0.35) and Audio Port (≤1.0.24) allows unauthenticated remote attackers to crash devices via improper input validation. CVSS 7.5 (High) with network-based attack requiring no privileges or user interaction. EPSS score of 0.01% (1st percentile) indicates minimal real-world exploitation likelihood. No public exploit identified at time of analysis. Vendor-released patches available: PowerAmp 1.0.38+ and Audio Port 1.1.9+.

Technical ContextAI

This vulnerability affects Ubiquiti's UniFi Play audio networking equipment, specifically the PowerAmp and Audio Port products which provide networked audio distribution capabilities. The root cause is CWE-20 (Improper Input Validation), where the devices fail to properly sanitize or validate network input before processing. This input validation weakness allows malformed or crafted packets to trigger an unhandled exception or resource exhaustion condition, causing the device firmware to enter an unresponsive state. The affected CPE strings (cpe:2.3:a:ubiquiti_inc:unifi_play_poweramp and cpe:2.3:a:ubiquiti_inc:unifi_play_audio_port) confirm these are application-layer vulnerabilities in the device management interfaces rather than hardware flaws. The network attack vector (AV:N) suggests the vulnerability exists in a remotely-accessible service, likely the device's web management interface or API endpoint used for configuration and control of the audio networking features.

RemediationAI

Update UniFi Play PowerAmp to firmware version 1.0.38 or later, and update UniFi Play Audio Port to firmware version 1.1.9 or later. Firmware updates should be obtained through the official Ubiquiti UniFi management console or downloaded directly from Ubiquiti's support portal. Consult the vendor's Security Advisory Bulletin 063 at https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83 for detailed upgrade instructions and release notes. As an interim workaround until patching is completed, network segmentation can reduce exposure by restricting access to these devices to trusted management networks only, blocking external or untrusted network access to the device management interfaces via firewall rules or VLAN isolation. No alternative workarounds are documented by the vendor, making firmware updates the definitive remediation.

CVE-2026-34910 CRITICAL POC
10.0 May 22

Unauthenticated command injection in Ubiquiti UniFi OS devices allows remote attackers with network access to execute ar

CVE-2026-34909 CRITICAL POC
10.0 May 22

Path traversal in Ubiquiti UniFi OS devices allows network-adjacent attackers to read sensitive files from the underlyin

CVE-2026-34908 CRITICAL POC
10.0 May 22

Unauthorized system modification on Ubiquiti UniFi OS devices allows network-adjacent attackers to alter device configur

CVE-2013-1606 HIGH POC
7.5 Jul 18

Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT AirCam with airVision firmware before 1.1.6 allow

CVE-2026-22557 CRITICAL POC
10.0 Mar 19

A critical path traversal vulnerability exists in the UniFi Network Application that allows unauthenticated remote attac

CVE-2023-1458 CRITICAL POC
9.8 Mar 25

A vulnerability has been found in Ubiquiti EdgeRouter X 2.0.9-hotfix.6 and classified as critical. Rated critical severi

CVE-2023-24104 CRITICAL POC
9.8 Feb 23

Ubiquiti Networks UniFi Dream Machine Pro v7.2.95 allows attackers to bypass domain restrictions via crafted packets. Ra

CVE-2016-7792 HIGH POC
8.8 Jan 23

Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the data

CVE-2023-23912 HIGH POC
8.8 Feb 09

A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.5

CVE-2023-2375 HIGH POC
7.3 Apr 28

A weakness has been identified in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. Rated high severity (CVSS 7.3), this vulne

CVE-2023-2374 HIGH POC
7.3 Apr 28

A security flaw has been discovered in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. Rated high severity (CVSS 7.3), this

CVE-2023-2378 HIGH POC
7.3 Apr 28

A flaw has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. Rated high severity (CVSS 7.3), this vulnerability

Share

CVE-2026-22565 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy