CVE-2026-22558

Published: Mar 19, 2026 Last Modified: Mar 19, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,7

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: changed

Confidentiality: high

Integrity: none

Availability: none

Description

AI Translation Available

An Authenticated NoSQL Injection vulnerability found in UniFi Network Application could allow a malicious actor with authenticated access to the network to escalate privileges.

943

Improper Neutralization of Special Elements in Data Query Logic

Incomplete

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability Access Control

Potential Impacts:

Bypass Protection Mechanism Read Application Data Modify Application Data Varies By Context

Applicable Platforms

All platforms may be affected

View CWE Details

https://community.ui.com/releases/Security-Advisory-Bulleti…

https://community.ui.com/releases/Security-Advisory-Bulletin-062-062/c29719c0-4…

CVE-2026-22558

Description

Improper Neutralization of Special Elements in Data Query Logic

Common Consequences

Applicable Platforms

Iscriviti alla newsletter