Executive Summary

    On March 18th, Ubiquiti disclosed a Path Traversal vulnerability in its UniFi Network Application, tracked as CVE-2026-22557, which can be exploited to read and manipulate system files and thereby compromise an underlying account. Because most Ubiquiti appliances are deployed without direct external network access, external scanning cannot identify the majority of UniFi Network management deployments.

    Beazley Security recommends that affected organizations patch immediately, especially if vulnerable Ubiquiti systems have management consoles exposed to the internet.

    Affected Systems or Products

    Product                                          Affected Versions   Fixed Version
    UniFi Network application (Official Release)     < 10.1.85           10.1.85
    UniFi Network application (Release Candidate)    < 10.2.93           10.2.93
    UniFi Network application (UniFi Express, UX)    < 9.0.114           9.0.114

    Mitigations / Workarounds

    Currently no mitigations or workarounds exist for this vulnerability. Ubiquiti and Beazley Security advise updating every Network application instance in your UniFi console. In addition, do not expose the UniFi management console to external networks; use Ubiquiti’s Remote Site Management service for remote administration instead.

    Patches

    Updating the Ubiquiti UniFi Network Application is performed through the UniFi Portal within the Control Plane settings.

    1. Click the settings cog in the left-most pane.

    2. Open the “Control Plane” settings.

    3. In the loaded pane, select “Updates”.

    4. Click the “Update to X.X.X” button in the Network Application row.

    UniFi Network Update Instructions

    Beazley Security also advises organizations running UniFi consoles to enable automatic updates where possible. In the same Updates pane, click the Network Application row and select a Release Channel and an update cadence.

    Indicators of Compromise

    Ubiquiti has not released any IoCs or indicators of attack related to this vulnerability at the time of disclosure.

    Because successful exploitation of this vulnerability could allow attackers to change the UniFi network configuration, add accounts, or add other mechanisms for accessing internal systems, affected UniFi console configurations should be reviewed for unexpected or anomalous changes, including new administrator accounts, altered firewall or VPN rules, and new port forwards.

    UniFi consoles support backup and restoration of the Control Plane; if unexpected changes appear to have been made, restore from a backup taken before the suspected compromise, after the console has been patched.

    Technical Details

    At the time of this writing Ubiquiti has released limited technical details in its security advisory. The vulnerability is described as a Path Traversal vulnerability within the UniFi Network Application that, if exploited, could allow an unauthenticated attacker to gain access to sensitive accounts.
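    Ubiquiti has not published the affected code path, so the following is a generic illustration of the bug class, added here and not taken from the UniFi Network Application or from Ubiquiti. It places a naive file-serving handler that joins a request-supplied name onto a base directory beside a hardened version that canonicalises the path and checks that the result stays inside the base. The directory layout, file names and the read_vulnerable/read_hardened functions are constructed for the example.

```python
"""Generic path traversal illustration (added example; not UniFi code).

A file-serving handler that joins a user-supplied name onto a base
directory, beside a hardened version that canonicalises the result and
rejects anything that escapes the base.
"""
import os
import tempfile

# Constructed sample layout, created at import time so the module runs
# offline. "public" is what the handler is meant to serve; "secrets" sits
# beside it and must never be reachable through the handler.
ROOT = tempfile.mkdtemp(prefix="traversal_demo_")
PUBLIC = os.path.join(ROOT, "public")
SECRETS = os.path.join(ROOT, "secrets")
os.makedirs(PUBLIC)
os.makedirs(SECRETS)
with open(os.path.join(PUBLIC, "logo.png"), "wb") as fh:
    fh.write(b"PNG-bytes")
with open(os.path.join(SECRETS, "users.txt"), "w") as fh:
    fh.write("admin:hash\n")


def read_vulnerable(name: str) -> bytes:
    """Naive handler: trusts the request path and joins it onto PUBLIC.

    os.path.join does nothing about "../" segments, so a request for
    "../secrets/users.txt" resolves outside PUBLIC and is served.
    """
    with open(os.path.join(PUBLIC, name), "rb") as fh:
        return fh.read()


def read_hardened(name: str) -> bytes:
    """Hardened handler: canonicalise first, then check containment.

    os.path.realpath collapses "..", duplicate separators and symlinks,
    so the containment test runs on the path the OS will actually open.
    Absolute input and NUL bytes are rejected outright; URL decoding is
    assumed to have happened before this layer.
    """
    if "\x00" in name or os.path.isabs(name):
        raise PermissionError("rejected path: %r" % name)
    base = os.path.realpath(PUBLIC)
    target = os.path.realpath(os.path.join(base, name))
    # Append os.sep so a sibling such as "public2/" is not mistaken for
    # a child of "public".
    if target != base and not target.startswith(base + os.sep):
        raise PermissionError("path escapes base directory: %r" % name)
    with open(target, "rb") as fh:
        return fh.read()


def demo() -> dict:
    """Run both handlers against a benign and a traversal request."""
    results = {
        "vuln_benign": read_vulnerable("logo.png"),
        "vuln_traversal": read_vulnerable("../secrets/users.txt"),
        "hard_benign": read_hardened("logo.png"),
    }
    try:
        read_hardened("../secrets/users.txt")
        results["hard_traversal"] = "ALLOWED"
    except PermissionError:
        results["hard_traversal"] = "BLOCKED"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

    The containment check is done on the canonical path rather than on the raw string, because filtering "../" substrings alone is bypassed by encoded or mixed-separator variants that the operating system still resolves.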

    How Beazley Security is responding

    Beazley Security is monitoring client perimeter devices through our Exposure Management Platform to identify impacted devices and support organizations in remediation of any issues found.

    We are also conducting threat hunts across our MDR environment to detect potential exploitation attempts against our clients.

    If you believe your organization may have been impacted by this vulnerability and need support, please contact our Incident Response team.