A critical command injection vulnerability in Ubiquiti's UniFi OS allows low-privileged network attackers to execute arbitrary code within affected devices.

This vulnerability is caused by improper input validation, which an attacker with network access can exploit to inject and execute arbitrary commands on the target UniFi OS device or instance.

With a CVSS score of 9.9, this vulnerability presents a critical threat to organizational network integrity. Successful exploitation allows for complete device compromise, potentially enabling attackers to intercept traffic, conduct reconnaissance, or launch further attacks from the compromised device into the internal network.

Immediate Action: Apply the vendor-provided patches (e.g., version 5.1.15, 5.1.16, or 4.0.15) to all affected UniFi OS devices immediately.

Proactive Monitoring: Review device logs for unexpected shell execution or anomalous system behavior following any network-based administrative activity.

Compensating Controls: Restrict network access to the UniFi OS management interface to authorized administrative workstations and disable remote management where feasible.

Public Exploit Available: False

Patching is urgent due to the high severity and the ability for an attacker to gain execution on the host. Ensure all UniFi OS devices are updated to the latest supported firmware as outlined in the vendor advisory to mitigate this critical risk.