Researchers and threat hunters are scrambling to contain a maximum-severity defect in Ubiquiti’s UniFi Network Application that attackers could exploit to take over user accounts by accessing and manipulating files.
The path-traversal vulnerability — CVE-2026-22557 — affects software used to manage UniFi networking devices, including access points, gateways and switches. The vendor disclosed and released patches for the defect in a security advisory Wednesday.
“As of this morning, we have not observed any public proof-of-concept exploits or confirmed reports of exploitation in the wild,” Matthew Guidry, senior product detection engineer at Censys, told CyberScoop.
“However, because this is a path-traversal vulnerability, the technical complexity for an attacker is typically lower than memory-corruption or buffer-overflow bugs,” he added. “Given that the CVSS 10 rating implies low attack complexity, we anticipate that once the specific vulnerable endpoint is identified, exploitation will be trivial to automate.”
Censys sensors observed nearly 88,000 UniFi Network Application hosts publicly exposed to the internet as of Friday morning. The software doesn’t expose what version it’s running, so scans cannot distinguish between vulnerable and patched instances.
Roughly one-third of the exposed instances of UniFi Network Application are located in the United States.
“As a defender, when you see a CVSS 10 for a product you immediately recognize and know is everywhere, you probably get a bit anxious,” Guidry said. “You also know it’s remotely exploitable, requires no authentication, and needs no user interaction, because it wouldn’t be a 10 if it wasn’t. Ubiquiti is a name you hear frequently, and many of those devices are sitting directly on the internet.”
Ubiquiti advises UniFi Network Application users to update to the latest software versions, which also addressed a second vulnerability — CVE-2026-22558 — that attackers could exploit to escalate privileges.
The post Ubiquiti defect poses account takeover risk for UniFi Networking Application users appeared first on CyberScoop.



