CVE-2026-21635

Опубликовано: 05 янв. 2026

Источник: nvd

CVSS3: 5.3

CVSS3: 6.5

EPSS Низкий

Описание

An Improper Access Control could allow a malicious actor in Wi-Fi range to the EV Station Lite (v1.5.2 and earlier) to use WiFi AutoLink feature on a device that was only adopted via Ethernet.

Ссылки

https://community.ui.com/releases/Security-Advisory-Bulletin-059/0c0b7f7a-68b7-41b9-987e-554f4b40e0e6
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:ui:unifi_connect_ev_station_lite_firmware:*:*:*:*:*:*:*:*

Версия до 1.6.1 (исключая)

cpe:2.3:h:ui:unifi_connect_ev_station_lite:-:*:*:*:*:*:*:*

EPSS

Процентиль: 6%

0.00025

Низкий

5.3 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-g45v-2mf6-hj9w

CVSS3: 5.3

github

около 1 месяца назад

An Improper Access Control could allow a malicious actor in Wi-Fi range to the EV Station Lite (v1.5.2 and earlier) to use WiFi AutoLink feature on a device that was only adopted via Ethernet.

EPSS

Процентиль: 6%

0.00025

Низкий

5.3 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-284