{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-21635", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "state": "PUBLISHED", "assignerShortName": "hackerone", "dateReserved": "2026-01-01T15:00:02.338Z", "datePublished": "2026-01-05T16:47:39.081Z", "dateUpdated": "2026-01-07T15:19:03.376Z"}, "containers": {"cna": {"descriptions": [{"lang": "en", "value": "An Improper Access Control could allow a malicious actor in Wi-Fi range to the EV Station Lite (v1.5.2 and earlier) to use WiFi AutoLink feature on a device that was only adopted via Ethernet."}], "affected": [{"defaultStatus": "unaffected", "vendor": "Ubiquiti Inc", "product": "UniFi Connect EV Station Lite", "versions": [{"version": "0", "status": "affected", "lessThan": "1.6.1", "versionType": "semver"}]}], "references": [{"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-059/0c0b7f7a-68b7-41b9-987e-554f4b40e0e6"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2026-01-05T16:47:39.081Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "CWE-284 Improper Access Control"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-05T19:38:40.411282Z", "id": "CVE-2026-21635", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T15:19:03.376Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-21635", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-05T19:38:40.411282Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-05T19:39:40.254Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "Ubiquiti Inc", "product": "UniFi Connect EV Station Lite", "versions": [{"status": "affected", "version": "0", "lessThan": "1.6.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-059/0c0b7f7a-68b7-41b9-987e-554f4b40e0e6"}], "descriptions": [{"lang": "en", "value": "An Improper Access Control could allow a malicious actor in Wi-Fi range to the EV Station Lite (v1.5.2 and earlier) to use WiFi AutoLink feature on a device that was only adopted via Ethernet."}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2026-01-05T16:47:39.081Z"}}}, "cveMetadata": {"cveId": "CVE-2026-21635", "state": "PUBLISHED", "dateUpdated": "2026-01-07T15:19:03.376Z", "dateReserved": "2026-01-01T15:00:02.338Z", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "datePublished": "2026-01-05T16:47:39.081Z", "assignerShortName": "hackerone"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ui:unifi_connect_ev_station_lite_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5EBEF9D-3DC1-47DB-A23B-F63D3B5F378B", "versionEndExcluding": "1.6.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ui:unifi_connect_ev_station_lite:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BD1ED22-51D2-485D-BF58-D9183AF27857", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An Improper Access Control could allow a malicious actor in Wi-Fi range to the EV Station Lite (v1.5.2 and earlier) to use WiFi AutoLink feature on a device that was only adopted via Ethernet."}], "id": "CVE-2026-21635", "lastModified": "2026-01-30T01:22:13.397", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "support@hackerone.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-01-05T17:15:47.350", "references": [{"source": "support@hackerone.com", "tags": ["Vendor Advisory"], "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-059/0c0b7f7a-68b7-41b9-987e-554f4b40e0e6"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T08:19:32.791433+00:00", "value": {"mitigation_remediation": ["Install the latest firmware version of UniFi Connect EV Station Lite that contains a fix for the improper access control issue.", "Disable the AutoLink feature for devices that have not been adopted through an Ethernet connection or apply configuration settings that prevent AutoLink requests from unapproved clients.", "Restrict the EV Station Lite to a secure, authenticated Wi\u2011Fi network and isolate it from untrusted networks, ensuring that only authorized devices can reach it."], "summary": {"action": "Assess Impact", "impact": "Unauthorized access via Wi\u2011Fi AutoLink on Ethernet\u2011only adopted devices"}, "threat_synthesis": {"affected_systems": "The vendor is Ubiquiti Inc, product UniFi Connect EV Station Lite. Firmware versions 1.5.2 and earlier are vulnerable. No additional version or build information is specified beyond the firmware release number. The affected model is identified by the community advisory available at the provided link.", "description_and_impact": "An improper access control flaw exists in the UniFi Connect EV Station Lite firmware versions 1.5.2 and earlier. A malicious actor within Wi\u2011Fi range can activate the device\u2019s Wi\u2011Fi AutoLink feature against a unit that was previously adopted via Ethernet. Because the AutoLink function is not properly restricted, the attacker could potentially invoke management or configuration operations that should be available only to devices adopted over a wired connection. This weakness is categorized as CWE\u2011284, reflecting a failure to enforce access control policies.", "risk_and_exploitability": "The CVSS base score is 5.3, indicating moderate severity. The EPSS probability is reported as less than 1 percent, signifying a very low but non\u2011zero likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog. Attackers would need local Wi\u2011Fi access to the device and must trigger the AutoLink feature from a device that was not adopted via Ethernet, implying that exploitation is limited to a local or compromised wireless environment."}}}}, "created": "2026-01-06T14:16:45.230921+00:00", "title": "Improper Access Control Allowing Wi\u2011Fi AutoLink on Ethernet\u2011Only Adopted Devices", "updated": "2026-04-18T08:30:35.823230+00:00", "vendors": ["ubiquiti", "ubiquiti$PRODUCT$ev_station_lite"]}