Security Advisory

CVE-2026-22564

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-13 21:28:10

Last updated 2026-04-14 13:14:19

Assigner hackerone

State PUBLISHED

Description

An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system.  Affected Products: UniFi Play PowerAmp (Version 1.0.35 and earlier)  UniFi Play Audio Port (Version 1.0.24 and earlier)  Mitigation: Update UniFi Play PowerAmp to Version 1.0.38 or later  Update UniFi Play Audio Port to Version 1.1.9 or later

← Browse all CVEs View on cve.org ↗