Critical Path Traversal in Ubiquiti UniFi Network Application Enables Account Takeover
Summary
A critical severity vulnerability, CVE-2026-22557, in Ubiquiti’s UniFi Network Application (versions 10.1.85 and earlier) allows remote attackers on the local network to execute path traversal attacks and gain unauthorized access to system files. This can be exploited to hijack user accounts without privileges or user interaction, enabling full account takeover in low-complexity attacks. The flaw impacts UniFi Network Application deployments, including those managed via UniFi Cloud Gateway, switches, access points, and gateways. Ubiquiti has addressed the issue in versions 10.1.89 and later. A second vulnerability, an authenticated NoSQL injection flaw, was also patched, enabling privilege escalation for authenticated attackers.
Timeline
- 19.03.2026 15:00 (1 article)
Ubiquiti patches critical path traversal flaw (CVE-2026-22557) in UniFi Network Application
Ubiquiti disclosed and patched a maximum-severity path traversal vulnerability, CVE-2026-22557, in the UniFi Network Application (versions 10.1.85 and earlier). The flaw allows attackers on the local network to access system files and hijack user accounts without privileges or user interaction. Patches are available in versions 10.1.89 and later. A second authenticated NoSQL injection flaw enabling privilege escalation was also addressed.
Source:
- Max severity Ubiquiti UniFi flaw may allow account takeover — www.bleepingcomputer.com — 19.03.2026 15:00
Information Snippets
- CVE-2026-22557 is a path traversal vulnerability in Ubiquiti UniFi Network Application affecting versions 10.1.85 and earlier.
  First reported: 19.03.2026 15:00 (1 source, 1 article)
- Successful exploitation of CVE-2026-22557 allows attackers on the local network to access system files and potentially hijack user accounts without requiring user interaction or elevated privileges.
  First reported: 19.03.2026 15:00 (1 source, 1 article)
- Ubiquiti patched the flaw in UniFi Network Application versions 10.1.89 and later.
  First reported: 19.03.2026 15:00 (1 source, 1 article)
- A second vulnerability, an authenticated NoSQL injection flaw, enables privilege escalation for attackers with authenticated access to the network.
  First reported: 19.03.2026 15:00 (1 source, 1 article)
- The UniFi Network Application is management software used to configure, monitor, and optimize Ubiquiti UniFi networking hardware, including access points, switches, and gateways.
  First reported: 19.03.2026 15:00 (1 source, 1 article)
- Ubiquiti products have historically been targeted by state-backed groups and cybercriminals for botnet construction and malicious traffic concealment.
  First reported: 19.03.2026 15:00 (1 source, 1 article)