CVE-2026-47367 | THREATINT

Description

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UID Enterprise Agent to execute a Command Injection on the host device.

PUBLISHED Reserved 2026-05-19 | Published 2026-06-12 | Updated 2026-06-12 | Assigner hackerone

CRITICAL: 9.9CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Problem types

CWE-20 Improper Input Validation

Product status

Default status

unaffected

Any version before 1.61.4

affected

References

community.ui.com/...065/aa46a22b-fc43-4eae-9382-6fc8feda967a

cve.org (CVE-2026-47367)

nvd.nist.gov (CVE-2026-47367)

Download JSON