CP
cyberpings
VulnerabilitiesCRITICAL

Ubiquiti UniFi Vulnerability - Critical Account Hijacking Risk

SASecurity Affairs
CVE-2026-22557CVE-2026-22558UbiquitiUniFi Network
🎯

Basically, a security flaw in Ubiquiti's software could let hackers take over user accounts.

Quick Summary

Ubiquiti has patched critical vulnerabilities in its UniFi Network app, allowing potential account hijacking. Users must update to secure their systems. This flaw poses serious risks to network security.

The Flaw

Ubiquiti has recently addressed two serious vulnerabilities in its UniFi Network application. Among these, one flaw, tracked as CVE-2026-22557, has been rated with a maximum severity score of 10.0 on the CVSS scale. This flaw allows attackers on the same network to exploit a Path Traversal vulnerability, potentially leading to unauthorized access to user accounts. The vulnerability affects versions 10.1.85 and earlier of the UniFi Network app.

The second vulnerability, identified as CVE-2026-22558, has a CVSS score of 7.7. It is an Authenticated NoSQL Injection vulnerability that could allow a malicious actor with low privileges to escalate their access rights within the system. Both vulnerabilities were patched in version 10.1.89 and later, making it crucial for users to update their applications.

What's at Risk

The implications of these vulnerabilities are significant, especially for organizations relying on Ubiquiti's UniFi Network app to manage their networking devices. The software is widely used to control various hardware components, including Wi-Fi access points, switches, and gateways. If exploited, the Path Traversal flaw could enable attackers to manipulate files on the underlying system, leading to potential account takeovers and unauthorized access to sensitive data.

Organizations that do not update their software risk exposing their networks to attackers who could gain control over their systems. This could result in data breaches, loss of sensitive information, and disruption of services, making timely updates essential.

Patch Status

Ubiquiti has taken swift action to address these vulnerabilities by releasing patches in version 10.1.89 of the UniFi Network application. Users are strongly advised to upgrade to this version or later to mitigate the risks associated with these vulnerabilities. The company has provided detailed advisories outlining the vulnerabilities and the necessary steps for users to secure their systems.

Failure to update could leave systems vulnerable to exploitation, especially in environments where network security is paramount. Regularly checking for updates and applying them is a best practice that can significantly reduce the risk of cyber threats.

Immediate Actions

To protect against these vulnerabilities, users should take the following immediate actions:

  • Update to the latest version of the UniFi Network application (10.1.89 or later).
  • Review network access controls to limit unauthorized access.
  • Monitor network activity for any unusual behavior that may indicate exploitation.

By following these steps, users can enhance their security posture and safeguard their networks against potential account hijacking and other malicious activities. Staying informed about vulnerabilities and applying patches promptly is crucial in today's cybersecurity landscape.

🔒 Pro insight: The CVE-2026-22557 vulnerability showcases the importance of timely patching in network management applications to prevent account takeovers.

Original article from

Security Affairs · Pierluigi Paganini

Read Full Article

Share

Related Pings

HIGHVulnerabilities

ScreenConnect Vulnerability - ConnectWise Issues Critical Alert

ConnectWise has warned of a critical vulnerability in ScreenConnect. This flaw could allow unauthorized access to remote systems. Users must upgrade immediately to protect their networks.

SC Media·
HIGHVulnerabilities

Vulnerabilities in IP KVM Devices - Significant Network Risks

Recent findings reveal critical vulnerabilities in IP KVM devices, exposing networks to severe risks. Attackers can gain root access and execute malicious code, threatening security. Immediate action is essential to mitigate these vulnerabilities.

SC Media·
HIGHVulnerabilities

CVE-2025-32975 - Exploitation of Quest KACE Systems

Arctic Wolf has detected exploitation of a critical vulnerability in Quest KACE Systems Management Appliances. Unpatched systems are at risk of unauthorized access and administrative takeover. Organizations must act quickly to patch their systems and secure their environments.

Arctic Wolf Blog·
HIGHVulnerabilities

CVE-2025-32975 - Exploitation of Quest KACE Systems Alert

Malicious activity linked to CVE-2025-32975 has been observed on unpatched Quest KACE Systems Management Appliances. This vulnerability allows unauthorized access, risking administrative control. Organizations must patch their systems to mitigate these risks.

Arctic Wolf Blog·
HIGHVulnerabilities

PolyShell Vulnerability - Unauthenticated RCE in Magento Stores

A new vulnerability called 'PolyShell' threatens Magento e-stores by allowing unauthorized remote code execution. This flaw affects all versions of Magento Open Source and Adobe Commerce. Immediate action is required to secure these platforms from potential attacks.

BleepingComputer·
HIGHVulnerabilities

Spring Security Vulnerabilities - Critical Updates Released

Spring has issued critical updates for vulnerabilities in Spring Boot and Spring Security. Users must act quickly to apply these updates to prevent unauthorized access. Protect your applications by reviewing the advisories and updating your systems.

Canadian Cyber Centre Alerts·