PT-2026-32857

CVE-2026-32214 Improper access control in Universal Plug and Play upnp.dll allows an authorized attacker to disclose information locally. https://t.co/mQeTrH15sG...

Microsoft Windows UPnP 安全漏洞

Microsoft Windows UPnP is a device proxy provided by Microsoft Corporation. It serves as a proxy that allows Windows network connections to recognize the IP address of ZoneDirector. There are security vulnerabilities associated with Microsoft Windows UPnP. Attackers can exploit these...

PT-2026-32856

CVE-2026-32212 Improper link resolution before file access 'link following' in Universal Plug and Play upnp.dll allows an authorized attacker to disclose information locally. https://t.co/8vH7ez64Tq...

PT-2026-32826

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A use after free in the Windows Universal Plug and Play UPnP Device Host allows an unauthorized attacker to execute arbitrary code locally and remotely, affecting the system. Use after free i...

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows Universal Plug and Play UPnP Device Host has a resource management vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products a...

PT-2026-32777

Name of the Vulnerable Software and Affected Versions Windows Universal Plug and Play UPnP Device Host affected versions not specified Description A use after free issue in the Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally. Use after...

CVE-2026-22564

An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation:...

CVE-2026-22566

An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

CVE-2026-22562

A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code execution RCE. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Por...

CVE-2026-22563

A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

CVE-2026-22562

The CVE-2026-22562 entry concerns UniFi Play firmware where a Path Traversal vulnerability allows writing files on the system, enabling remote code execution. Affected are UniFi Play PowerAmp <= 1.0.35 and UniFi Play Audio Port = 1.0.38; Audio Port upgrades to >= 1.1.9. No exploitation deta...

CVE-2026-22562

A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code execution RCE. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Por...

CVE-2026-22563

A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

CVE-2026-22564

An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation:...

CVE-2026-22566

An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

CVE-2026-22564

An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation:...

CVE-2026-22565

An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

CVE-2026-22566

An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

CVE-2026-22564

An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation:...

CVE-2026-22566

An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...