Critical severity9.8NVD Advisory· Published Apr 13, 2026· Updated Apr 30, 2026
CVE-2026-22562
CVE-2026-22562
Description
A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code execution (RCE).
Affected Products: UniFi Play PowerAmp (Version 1.0.35 and earlier) UniFi Play Audio Port (Version 1.0.24 and earlier) Mitigation: Update UniFi Play PowerAmp to Version 1.0.38 or later Update UniFi Play Audio Port to Version 1.1.9 or later
Affected products
1- Range: <=1.0.35
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.