Ubiquiti Unifi Security Vulnerability: Critical Account Takeover Risk

by priyanka.patel tech editor

Ubiquiti Networks, a leading provider of networking hardware, has alerted users to a critical security vulnerability in its UniFi Network Application that could allow attackers to capture control of user accounts. The flaw, identified as CVE-2026-22557, is rated with a maximum severity score of 10, indicating a significant risk to anyone using the software to manage their network devices.

The UniFi Network Application serves as a central management hub for Ubiquiti’s range of networking equipment, including access points, switches, and gateways. It allows users to configure, monitor, and optimize their networks. According to Ubiquiti, the vulnerability stems from a path traversal issue that allows unauthorized access to files on the system, potentially enabling attackers to hijack user accounts without requiring user interaction. This means a malicious actor gaining access to a network could, with relatively low complexity, compromise the security of the entire system.

The vulnerability affects UniFi Network Application version 10.1.85 and earlier. Ubiquiti has released patches in versions 10.1.89 and later to address the issue, urging users to update their systems immediately. The company published a security advisory on Wednesday detailing the flaw and providing instructions for remediation. Security Advisory Bulletin 062 provides further details for those seeking more technical information.

A Second Vulnerability Discovered

Alongside the critical account takeover flaw, Ubiquiti also disclosed a second vulnerability, CVE-2026-22558. While less severe with a CVSS score of 7.7, this authenticated NoSQL injection vulnerability still poses a risk. It allows attackers with existing network access to escalate their privileges within the system. This means a user with limited access could potentially gain administrative control, further compromising network security.

According to Ubiquiti, an attacker exploiting this flaw could manipulate the system to gain access to underlying accounts. Both vulnerabilities underscore the importance of maintaining up-to-date software, particularly for network infrastructure components that serve as gateways to sensitive data and systems. The company emphasizes that updating to version 10.1.89 resolves both identified issues.

Ubiquiti’s History of Security Concerns

This isn’t the first time Ubiquiti’s software has faced scrutiny over security vulnerabilities. Past incidents, including a bug that could have physically unlocked doors connected to the UniFi Access system, highlight the ongoing challenges faced by network equipment manufacturers in securing their products. ITdaily reported on this previous vulnerability, demonstrating a pattern of security concerns within the Ubiquiti ecosystem.

The interconnected nature of modern networks means that any vulnerability in a core component like the UniFi Network Application can have far-reaching consequences. Routers, switches, and access points act as entry points for attackers, making them prime targets for exploitation. Regular security audits, prompt patching, and robust network segmentation are crucial steps in mitigating these risks.

As BleepingComputer reported, Ubiquiti’s quick response to these vulnerabilities is a positive step, but it also serves as a reminder that network security is a continuous process, not a one-time fix.

For users of the UniFi Network Application, the immediate priority is to update to the latest version, 10.1.89, or later. Beyond that, it’s essential to practice decent security hygiene, including using strong, unique passwords, enabling multi-factor authentication where available, and regularly monitoring network activity for suspicious behavior. The potential for account takeover and privilege escalation underscores the need for vigilance in protecting network infrastructure.

Ubiquiti has not yet provided a timeline for further security updates or investigations into the root causes of these vulnerabilities. The company is expected to continue monitoring for potential exploits and will likely release additional guidance as needed. Users are encouraged to regularly check the Ubiquiti Community forums for the latest security advisories and best practices.

What do you think about Ubiquiti’s response to these vulnerabilities? Share your thoughts in the comments below, and please share this article with your network to help raise awareness about this critical security issue.

You may also like

Leave a Comment