securityonline.info 7/7/2026, 6:33:04 PM · external

Ubiquiti fixes critical UniFi Connect app RCE flaw

Ubiquiti fixes critical UniFi Connect app RCE flaw
CyberSIXT Evidence Panel
Primary Source community.ui.com
CISA KEV Not in KEV
Patch Patch Status Unknown

UBIQUITI has issued UniFi Security Advisory Bulletin 066, addressing 25 vulnerabilities across its range of products, including critical flaws in the UniFi Connect app that could allow attackers to execute commands without login. The advisory emphasizes the broad impact on home users, small businesses, and large infrastructures running UniFi equipment, which could potentially allow unauthorized access to sensitive functions such as video feeds and door controls.

Key vulnerabilities include:

Affected products and versions include various apps and devices within the UniFi ecosystem, with a recommendation for users to promptly update their systems. There are no known active exploits or attacks at this time, but given the severity of the vulnerabilities, immediate patching is advised.

View Primary Source Via securityonline.info

Article by CyberSIXT