Ubiquiti Releases Security Updates for Critical UniFi OS Vulnerabilities

Ubiquiti, a leading provider of networking and security solutions, has recently addressed three high-severity vulnerabilities in UniFi OS through security updates. These vulnerabilities pose a significant risk as they can be exploited by remote attackers without the need for privileged access.

UniFi OS serves as the unified operating system for managing IT infrastructure, including networking, security, and various services. It also supports popular UniFi applications such as UniFi Network, UniFi Protect, UniFi Access, UniFi Talk, and UniFi Connect.

The first vulnerability (CVE-2026-34908) discovered in UniFi OS allows attackers to make unauthorized changes to targeted systems by exploiting an Improper Access Control weakness. The second flaw (CVE-2026-34909) enables attackers to access files on the underlying system through a Path Traversal vulnerability, potentially leading to unauthorized access to sensitive information.

Additionally, a third critical security issue (CVE-2026-34910) permits malicious actors to execute command injection attacks after gaining network access, exploiting an Improper Input Validation flaw.

Alongside these vulnerabilities, Ubiquiti also patched a critical command injection vulnerability (CVE-2026-33000) and a high-severity information disclosure flaw (CVE-2026-34911) affecting UniFi OS devices.

While Ubiquiti has not confirmed any exploitation of these vulnerabilities before the disclosure, they highlight the importance of promptly applying security updates. The company reported that these vulnerabilities were discovered through its HackerOne bug bounty program.

Currently, Censys, a threat intelligence firm, is monitoring nearly 100,000 Internet-exposed UniFi OS endpoints, with a significant concentration in the United States. However, the status of security measures implemented to mitigate the risks posed by these vulnerabilities remains undisclosed.

In a previous security update in March, Ubiquiti addressed a severe vulnerability (CVE-2026-22557) in the UniFi Network Application that could potentially lead to user account takeover. They also fixed a vulnerability (CVE-2026-22558) that could be exploited for privilege escalation.

Ubiquiti’s products have been targeted by state-sponsored threat actors and cybercriminals in recent years, with incidents involving the creation of botnets to conceal malicious activities. Notably, the FBI dismantled the Moobot botnet in February 2024, comprised of compromised Ubiquiti Edge OS routers used by Russia’s GRU for cyberespionage operations.

Furthermore, Ubiquiti faced scrutiny in April 2022 when the U.S. CISA highlighted a critical command injection vulnerability (CVE-2010-5330) in Ubiquiti AirOS, urging federal agencies to secure their devices promptly.

Automated pentesting tools offer valuable insights, focusing on network traversal capabilities. However, they may not adequately assess your security controls, detection mechanisms, or cloud configurations. Learn about the crucial areas to validate in our comprehensive guide.

Download Now