
Max severity Ubiquiti UniFi flaw may allow account takeover

Why This Matters

Ubiquiti has addressed a critical security vulnerability in its UniFi Network Application that could allow attackers to hijack user accounts through a path traversal flaw, along with a second flaw that enables privilege escalation. This highlights ongoing cybersecurity risks associated with widely used network management tools and underscores the importance of timely updates for consumers and organizations. The fix helps prevent potential breaches that could compromise network security and data integrity.

Key Takeaways

Ubiquiti has patched two vulnerabilities in the UniFi Network Application, including a maximum-severity flaw that may allow attackers to take over user accounts.

The UniFi Network app (also known as the UniFi Controller) is management software that helps configure, monitor, and optimize Ubiquiti UniFi networking hardware, such as access points, switches, and gateways.

"Combines powerful internet gateways with scalable WiFi and switching. Provides real-time traffic dashboards, visual topology maps, and optimization tips," the networking device manufacturer says. "The preferred way to deploy UniFi Network is on a UniFi Cloud Gateway, rather than on a server, laptop, or other self-hosted environment."

Tracked as CVE-2026-22557, the security flaw impacts UniFi Network Application version 10.1.85 and earlier and is addressed in version 10.1.89 and later.

Successful exploitation allows unprivileged threat actors to use the path traversal flaw to access files on targeted devices and potentially hijack user accounts, in low-complexity attacks that require no user interaction.

"A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated to access an underlying account," the company says in an advisory published on Wednesday.
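To make the bug class concrete, here is an added example in Python. It is not code from Ubiquiti or the UniFi Network Application and says nothing about how the UniFi flaw itself works; it shows the generic pattern the advisory names: a file-serving routine that joins a client-supplied path onto a base directory without a containment check, beside a hardened version that decodes, canonicalises and then verifies the result stays inside the permitted directory. The directory names, request strings and the `PathTraversalError` class are constructed for illustration.

```python
import os
import tempfile
from urllib.parse import unquote


class PathTraversalError(ValueError):
    """Raised when a requested path would escape the permitted directory (constructed name)."""


def naive_resolve(base_dir: str, requested: str) -> str:
    # Vulnerable pattern: plain join with no containment check, so "../"
    # segments (or an absolute path) walk out of base_dir.
    return os.path.join(base_dir, requested)


def naive_escapes(base_dir: str, requested: str) -> bool:
    """True when the naive join lands outside base_dir: the defect class at issue."""
    base_real = os.path.realpath(base_dir)
    target = os.path.realpath(naive_resolve(base_dir, requested))
    return os.path.commonpath([base_real, target]) != base_real


def safe_resolve(base_dir: str, requested: str) -> str:
    """Resolve a client-supplied relative path inside base_dir, or raise.

    Order matters: percent-decode first (so "..%2F" is not missed), reject
    absolute paths and NUL bytes, canonicalise with realpath (collapses ".."
    and follows symlinks), then require the canonical result to sit under the
    canonical base directory.
    """
    decoded = unquote(requested)
    if os.path.isabs(decoded) or "\x00" in decoded:
        raise PathTraversalError(f"rejected: {requested!r}")
    base_real = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base_real, decoded))
    if os.path.commonpath([base_real, candidate]) != base_real:
        raise PathTraversalError(f"rejected: {requested!r}")
    return candidate


def run_demo() -> dict:
    """Build a throwaway sandbox and classify a set of constructed requests.

    Returns a mapping request -> "allowed" / "rejected" as decided by safe_resolve.
    """
    root = tempfile.mkdtemp()
    www = os.path.join(root, "www")  # the only directory clients may read from
    os.makedirs(www)
    with open(os.path.join(www, "index.html"), "w") as fh:
        fh.write("hello")
    with open(os.path.join(root, "secret.txt"), "w") as fh:
        fh.write("constructed file outside the web root")

    requests = [
        "index.html",          # legitimate
        "../secret.txt",       # classic traversal
        "..%2Fsecret.txt",     # percent-encoded separator
        "/etc/passwd",         # absolute path
        "sub/../index.html",   # stays inside after normalisation
    ]
    results = {}
    for req in requests:
        try:
            safe_resolve(www, req)
            results[req] = "allowed"
        except PathTraversalError:
            results[req] = "rejected"
    return results


if __name__ == "__main__":
    for req, verdict in run_demo().items():
        print(f"{req:<20} {verdict}")
```

Two points worth noting for anyone reviewing similar code: the containment check has to run after every decoding and normalisation step the server performs (a check applied before percent-decoding is bypassed by `..%2F`), and `commonpath` rather than a string-prefix test is what stops `/srv/www-private` from passing as a child of `/srv/www`.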

Ubiquiti also patched a second flaw in the UniFi Network app that attackers with low privileges can exploit for privilege escalation.

"An Authenticated NoSQL Injection vulnerability found in UniFi Network Application could allow a malicious actor with authenticated access to the network to escalate privileges," the company explained.
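As an added illustration of the second bug class (not Ubiquiti's code, and not a description of the UniFi flaw), the following Python shows why passing decoded JSON straight into a document-store filter is dangerous: a client that supplies an operator object such as `{"$ne": ""}` where a string was expected rewrites the query. The in-memory "collection", the mini query matcher and the two handlers are constructed for the example; the hardened handler type-checks each credential and pins it to `$eq` so client-supplied operators never reach the query engine.

```python
import json

# Constructed in-memory collection. A real application would query a database
# and store password hashes, not plaintext; plaintext keeps the example short.
USERS = [
    {"username": "admin", "password": "correct horse battery staple", "role": "superadmin"},
    {"username": "viewer", "password": "readonly", "role": "viewer"},
]


def _field_matches(value, condition) -> bool:
    """Tiny subset of a document-store query language: equality, $eq and $ne.

    Enough to show that an operator object in a position where the handler
    expected a scalar changes the meaning of the query.
    """
    if isinstance(condition, dict):
        for op, operand in condition.items():
            if op == "$eq":
                if value != operand:
                    return False
            elif op == "$ne":
                if value == operand:
                    return False
            else:
                raise ValueError(f"unsupported operator {op}")
        return True
    return value == condition


def find_one(query: dict):
    """Return the first document matching every field condition, else None."""
    for doc in USERS:
        if all(_field_matches(doc.get(k), cond) for k, cond in query.items()):
            return doc
    return None


def login_vulnerable(body: str):
    """Passes decoded JSON straight into the filter.

    Because the password field is forwarded as-is, a JSON object is accepted
    where a string was expected and the filter no longer tests the password.
    Returns the matched role or None.
    """
    payload = json.loads(body)
    doc = find_one({"username": payload["username"], "password": payload["password"]})
    return doc["role"] if doc else None


def login_hardened(body: str):
    """Rejects non-string credentials and pins each field to $eq.

    The type check means an operator object is refused before any query runs,
    and $eq means even a later refactor cannot let a dict slip through as an
    operator. Returns the matched role or None.
    """
    payload = json.loads(body)
    user, pw = payload.get("username"), payload.get("password")
    if not (isinstance(user, str) and isinstance(pw, str)):
        return None
    doc = find_one({"username": {"$eq": user}, "password": {"$eq": pw}})
    return doc["role"] if doc else None


if __name__ == "__main__":
    good = '{"username": "viewer", "password": "readonly"}'
    bad = '{"username": "admin", "password": {"$ne": ""}}'
    print("vulnerable, operator object:", login_vulnerable(bad))
    print("hardened,   operator object:", login_hardened(bad))
    print("hardened,   valid login:    ", login_hardened(good))
```

The same rule applies to any field that flows from a request body into a filter or update document: validate the JSON type at the boundary, and where the driver offers a strict mode or schema validation, turn it on rather than relying on each handler to remember the check.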

In recent years, Ubiquiti products have been targeted by both state-backed hacking groups and cybercriminals who hijacked them to build botnets designed to conceal malicious activity.

For instance, in February 2024, the FBI dismantled a botnet of hacked Ubiquiti Edge OS routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) to proxy malicious traffic in attacks targeting the United States and its allies.