Skip to main content

UniFi Network Application EUVDEUVD-2026-41397

| CVE-2026-55118 HIGH
Improper Access Control (CWE-284)
2026-07-02 hackerone GHSA-f3pc-vh4r-hxxh
8.3
CVSS 3.1 · Vendor: hackerone
Share

Severity by source

Vendor (hackerone) PRIMARY
8.3 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
vuln.today AI
7.1 HIGH

Network-reachable but requires a low-privilege account (PR:L) and the description's 'certain conditions' warrants AC:H; impact is escalation with high integrity/availability but only low confidentiality.

3.1 AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
4.0 AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (hackerone).

CVSS VectorVendor: hackerone

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
High

Lifecycle Timeline

2
Patch available
Jul 02, 2026 - 16:17 EUVD
Analysis Generated
Jul 02, 2026 - 15:38 vuln.today

DescriptionCVE.org

A malicious actor with access to the network,low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate privileges within the UniFi Network Application.

AnalysisAI

Privilege escalation in Ubiquiti's UniFi Network Application allows a low-privileged, authenticated user on the network to elevate their permissions within the application by abusing an Improper Access Control weakness (CWE-284). The CVSS 3.1 score of 8.3 reflects that a network-reachable actor holding limited credentials can, under certain conditions, gain high integrity and availability impact over the controller. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate with low-privilege UniFi account
Delivery
Reach controller management interface over network
Exploit
Trigger improper access control flaw
Execution
Bypass role/authorization checks
Impact
Escalate privileges within UniFi controller

Vulnerability AssessmentAI

Exploitation The attacker must already possess a valid low-privilege authenticated account on the UniFi Network Application (CVSS PR:L) and network reachability to its management interface (AV:N); no user interaction is needed (UI:N). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS vector (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H, score 8.3 High) indicates network-reachable exploitation by an already-authenticated low-privilege user with no user interaction, yielding high integrity and availability impact but only low confidentiality impact - consistent with an authorization escalation rather than data exfiltration. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has been granted (or has compromised) a limited, low-privilege UniFi Network Application account authenticates to the controller over the network and invokes functionality that should be gated to full administrators, escalating to elevated control of the managed network. Because no user interaction is required and attack complexity is rated low, the action can be performed directly through the management interface once the required conditions are met. …
Remediation Upgrade the UniFi Network Application to the fixed release identified in Ubiquiti Security Advisory Bulletin 066 (https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc); the exact patched version number was not included in the provided data and should be confirmed directly from that advisory. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: Restrict network access to UniFi controllers to authorized personnel only; implement network segmentation around management interfaces. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-41397 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy