Critical Ubiquiti UniFi Vulnerabilities Enable Account Takeover

Critical Ubiquiti UniFi Vulnerabilities Enable Account Takeover

First seen 19 Mar 2026, 14:12 UTC Heise.DeBleepingcomputerCybersecuritynewsSecurityaffairs.CoCyberscoop+2 83% similarity 72.9

Article Content

Browse articles
ThreatCluster

Ubiquiti has disclosed two critical vulnerabilities in its UniFi Network Application, including CVE-2026-22557, a path traversal flaw that allows unauthenticated attackers to potentially take over user accounts. This vulnerability affects versions 10.1.85 and earlier of the UniFi Network Application, which is widely used for managing networking hardware. The second vulnerability, CVE-2026-22558, is a NoSQL injection flaw that allows authenticated users to escalate their privileges. Ubiquiti has released patches in versions 10.1.89 and later to address these issues. Organizations are urged to update their systems immediately to mitigate the risks. The vulnerabilities could lead to significant security breaches, given the popularity of Ubiquiti's products among both state-backed and criminal actors. Ubiquiti has a history of being targeted, highlighting the ongoing risks associated with its devices.

Key Points: • CVE-2026-22557 allows unauthenticated attackers to take over user accounts. • CVE-2026-22558 enables privilege escalation for authenticated users. • Patches are available in versions 10.1.89 and later; immediate updates are recommended.

ThreatCluster AI

Timeline

2026-03-19
CVE-2026-22557 and CVE-2026-22558 published
2026-03-19
Ubiquiti releases patches for vulnerabilities

Community

Browse all →