CVE-2026-56841

Summary

A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device.

Affected Software

VendorProductVersion RangeStatus
Ubiquiti IncUniFi Protect Application0 < 7.1.83affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References