CP
cyberpings
VulnerabilitiesHIGH

Ubiquiti UniFi Vulnerability - Account Takeover Risk Alert

BCBleepingComputer
CVE-2026-22557UbiquitiUniFi Network Applicationaccount takeoverprivilege escalation
🎯

Basically, a flaw in Ubiquiti's software can let hackers take over accounts easily.

Quick Summary

Ubiquiti has patched a critical vulnerability in the UniFi Network Application that could allow account takeovers. Users of versions 10.1.85 and earlier are at risk. Immediate updates are necessary to secure your network from exploitation.

The Flaw

Ubiquiti has recently addressed a maximum-severity vulnerability in its UniFi Network Application, tracked as CVE-2026-22557. This flaw allows attackers to exploit a path traversal vulnerability, enabling unauthorized access to sensitive files on the system. The affected versions are 10.1.85 and earlier, and users are urged to upgrade to 10.1.89 or later to mitigate this risk. The vulnerability is particularly concerning because it requires low complexity for exploitation, meaning attackers can perform the attack without needing user interaction.

In addition to this critical flaw, Ubiquiti also patched a second vulnerability that allows for privilege escalation. This flaw, identified as an Authenticated NoSQL Injection, can be exploited by users who already have some level of access, allowing them to gain higher privileges within the application.

What's at Risk

The implications of this vulnerability are significant. If exploited, attackers could potentially take control of user accounts, leading to unauthorized actions within the network. This could result in data breaches, unauthorized access to sensitive information, and even manipulation of network settings. Given Ubiquiti's role in managing various networking hardware, the risk extends beyond individual users to entire organizations relying on these systems for their operations.

Moreover, Ubiquiti products have been in the crosshairs of both state-sponsored hackers and cybercriminals in the past. The potential for these vulnerabilities to be exploited in broader attacks is a serious concern, especially in light of previous incidents where Ubiquiti devices were used to build botnets.

Patch Status

Ubiquiti has released patches to address these vulnerabilities, and it is crucial for users to update their systems promptly. The company recommends upgrading to version 10.1.89 or later to ensure that these vulnerabilities are effectively mitigated. Users should also review their network configurations and access controls to limit potential exploitation paths.

Failure to act could leave systems vulnerable to attacks that could compromise not just individual accounts but potentially the entire network infrastructure.

Immediate Actions

To protect your network from these vulnerabilities, follow these steps:

  • Update your UniFi Network Application to version 10.1.89 or later immediately.
  • Review user access levels and ensure that only necessary permissions are granted.
  • Monitor network activity for any unusual behavior that could indicate exploitation attempts.
  • Educate users about the risks associated with unauthorized access and the importance of maintaining strong security practices.

By taking these proactive measures, you can significantly reduce the risk posed by these vulnerabilities and safeguard your network against potential attacks.

🔒 Pro insight: The ease of exploitation for CVE-2026-22557 raises concerns about widespread attacks on unpatched devices in the wild.

Original article from

BleepingComputer · Sergiu Gatlan

Read Full Article

Share

Related Pings

CRITICALVulnerabilities

Ubiquiti UniFi Vulnerabilities - Critical Flaws Exposed

Ubiquiti has disclosed critical vulnerabilities in its UniFi Network Application. Attackers could gain full control of systems. Organizations must patch immediately to avoid severe risks.

Cyber Security News·
HIGHVulnerabilities

Privilege Escalation - 7 Ways to Prevent via Password Resets

Password resets are often a security weak spot. Attackers can exploit these processes for privilege escalation. Discover seven strategies to secure your password resets and protect sensitive accounts.

BleepingComputer·
HIGHVulnerabilities

Zimbra Vulnerability - Russian APT Targets Ukraine Users

A high-severity vulnerability in Zimbra is being exploited by a Russian APT against Ukraine. This puts sensitive user data at risk. Immediate patching is essential to prevent attacks.

SecurityWeek·
HIGHVulnerabilities

Azure Vulnerabilities - New Sign-In Log Bypass Discovered

Two new Azure sign-in log bypasses have been discovered, allowing attackers to access tokens without detection. This poses a serious risk to organizations relying on Azure for authentication. Stay informed and take action to protect your data.

TrustedSec Blog·
HIGHVulnerabilities

Claude Vulnerabilities - Data Exfiltration and User Redirection

Three vulnerabilities in Claude.ai have been discovered, allowing data exfiltration and user redirection to malicious sites. This poses serious risks to user privacy and data security. Organizations must take immediate action to protect sensitive information and educate users about these threats.

Cyber Security News·
HIGHVulnerabilities

iOS Vulnerabilities - DarkSword Exploit Targets Unpatched iPhones

A new exploit called DarkSword targets unpatched iPhones, allowing attackers to steal sensitive data. Users in several countries are at risk. Immediate updates are crucial to protect against this threat.

Malwarebytes Labs·