4 matches found
CVE-2026-34908
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system...
CVE-2026-34908
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system...
CVE-2026-34908
CVE-2026-34908 affects UniFi OS Server. The issue is an improper access control that can allow an unauthenticated bypass of the auth flow via a discrepancy between raw and normalized URIs in nginx, potentially leading to unauthorized changes and remote code execution. A fix is available: upgrade ...
PT-2026-48501
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 1.0.4 UniFi OS Server affected versions not specified Description picklescan fails to block pkgutil.resolve name, which allows attackers to bypass the blocklist by resolving dangerous functions through indirect...