Ubiquiti has recently unveiled two significant vulnerabilities in its UniFi Network Application that pose serious security risks. These flaws, including one rated with the highest severity, could allow attackers to gain complete control over the systems. Immediate action is advised for organizations using affected versions to install the latest patches.
Path Traversal Vulnerability: A Critical Threat
The most severe vulnerability, identified as CVE-2026-22557, is a Path Traversal flaw. With a CVSS v3.1 Base Score of 10.0, it represents the utmost risk level. This vulnerability can be exploited without any authentication or user interaction, enabling attackers to remotely navigate directory boundaries and access sensitive files.
By exploiting this flaw, cybercriminals can manipulate these files to grant themselves unauthorized access to system accounts, effectively gaining administrative control over the affected host. This vulnerability was discovered by security researcher n00r3 (@izn0u).
NoSQL Injection: An Escalation Gateway
The second vulnerability, CVE-2026-22558, involves a NoSQL Injection issue with a CVSS score of 7.7, categorized as high severity. Although it requires prior authentication, it operates on a changed scope and can significantly impact confidentiality. This flaw allows attackers with initial access to escalate their privileges, potentially compromising sensitive data and internal configurations.
The NoSQL Injection vulnerability was reported by Garett Kopcha (@0x5t) and poses a serious threat to network integrity.
Mitigation Strategies and Recommendations
In response to these vulnerabilities, Ubiquiti has released updates to mitigate the risks. Users are urged to upgrade to the latest versions as soon as possible:
- For the Official Release: Update to UniFi Network Application Version 10.1.89 or later.
- For Release Candidate: Upgrade to Version 10.2.97 or later.
- For UniFi Express (UX): Update to firmware Version 4.0.13 or later, which includes Network Application Version 9.0.118 or later.
Considering the critical nature of CVE-2026-22557, additional measures such as network segmentation and stringent firewall rules are recommended to protect the UniFi Network Application management interface.
Organizations using vulnerable versions in internet-accessible environments are at heightened risk and should prioritize these patches immediately.
Stay informed about the latest cybersecurity threats by following us on Google News, LinkedIn, and X. Reach out to us for featuring your cybersecurity stories.
