CNNVD-202601-4977 Information

CNNVD ID

CNNVD-202601-4977

Related CVE

CVE-2020-37052

• CNNVD Published: 2026-01-30

Description (Chinese)

Ubiquiti AirControl是美国优比快（Ubiquiti）公司的一个集中式网络管理平台。 Ubiquiti AirControl 1.4.2版本存在代码注入漏洞，该漏洞源于.seam端点存在Java表达式注入，可能导致未经验证的攻击者执行远程代码。

Description (English)

Ubiquiti AirControl is a centralized network management platform for Ubiquiti. Version 1.4.2 of Ubiquiti AirCrontrol contains a code-injection loophole, which stems from the presence of Java expression injection at the …seam end point, which may lead to the implementation of remote code by unverified assailants.

Hazard Level

Low

Vulnerability Type

代码注入

Affected Vendor

优比快

Published

2026-01-30

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/48541 https://www.ui.com/ https://www.vulncheck.com/advisories/aircontrol-preauth-remote-code-execution