What is CVE-2026-22557?

CVE-2026-22557 is a critical Path Traversal vulnerability in Ubiquiti UniFi Network Application, rated 10.0 on the CVSS scale. It allows unauthenticated attackers with network access to read and manipulate OS files, leading to full account takeover.

Who is affected by CVE-2026-22557?

This vulnerability affects all users of Ubiquiti UniFi Network Application version 10.1.85 and earlier (Official Release), 10.2.93 and earlier (Release Candidate), and UniFi Express with firmware containing UniFi Network Application 9.0.114 and earlier. This includes Dream Machine, Dream Router, and self-hosted installations.

How can I protect against CVE-2026-22557?

Immediately update UniFi Network Application to version 10.1.89 (Official Release) or 10.2.97 (Release Candidate). For UniFi Express, update firmware to version 4.0.13. Since the vulnerability requires no authentication, any network-accessible device is at risk.

What is the risk level of CVE-2026-22557?

This vulnerability has the maximum CVSS score of 10.0 (critical). An attacker without any authentication can access OS files and take full control of the device. Dream Machine is the central device managing the entire UniFi network, so compromise could mean takeover of the entire network infrastructure.

Is CVE-2026-22557 actively exploited in the wild?

As of the publication date, this vulnerability has not been added to the CISA KEV catalog. Technical details are expected to be published by the security researcher soon, which could accelerate exploit development. Given its criticality (CVSS 10.0) and no authentication requirement, patching should be the highest priority.

CVE-2026-22557: critical Ubiquiti vulnerability (CVSS 10.0)

Summary

Parameter	Value
CVE ID	CVE-2026-22557
Alert Source	Ubiquiti Security Advisory Bulletin 056
CVE Publication Year	2026
Date Published	2026-03-18
Vendor	Ubiquiti
Product	UniFi Network Application
CVSS Score	10.0 (Critical)
Vulnerability Type	Path Traversal (CWE-22)
Authentication	Not required
CISA KEV	No
Ransomware	Not confirmed

Vulnerability Description

CVE-2026-22557 is a Path Traversal vulnerability in the UniFi Network Application that allows an unauthenticated attacker with network access to:

Read and manipulate files on the host operating system
Take over administrator accounts (account takeover)
Gain full control over the device and managed network infrastructure

The vulnerability received the maximum CVSS score of 10.0, indicating the highest possible threat level.

Affected Products and Versions

Product	Vulnerable Versions	Fixed Version
UniFi Network Application (Official)	<= 10.1.85	10.1.89
UniFi Network Application (RC)	<= 10.2.93	10.2.97
UniFi Express (UX) firmware	<= 9.0.114	4.0.13 (includes UNA 9.0.118+)

Affected devices include Dream Machine, Dream Machine Pro, Dream Router, and all self-hosted UniFi Network Application installations.

Required Actions

Immediately update UniFi Network Application to version 10.1.89 or later
UniFi Express: update firmware to 4.0.13
If immediate patching is not possible:
- Restrict network access to the UniFi management interface (firewall/ACL)
- Monitor logs for unusual HTTP requests to the UniFi application
- Consider temporarily disabling external access to the management panel

Alongside CVE-2026-22557, Ubiquiti also patched a second vulnerability:

CVE-2026-22558 - NoSQL Injection (CVSS 7.7) enabling privilege escalation. This vulnerability requires authentication, but when chained with CVE-2026-22557, it creates an attack chain allowing full system compromise.

Sources

Need help securing your systems? nFlo team offers vulnerability management and 24/7 SOC services. Contact us.

Learn More

5G Network Security — Threats and Challenges for Operators

5G networks introduce new attack vectors: network slicing, edge computing, massive IoT. Learn about key 5G security threats and challenges facing tele...

What is CWE? Guide to Common Weakness Enumeration

CWE (Common Weakness Enumeration) is a catalog of software weaknesses. Learn the difference between CWE and CVE, CWE Top 25, and how to use CWE to imp...

Network Detection and Response (NDR): why is network visibility critical to security?

Your EDR systems protect endpoints, but what happens in between? Sophisticated attackers move around your network using devices on which you can't ins...

CVE-2026-22557: Critical Path Traversal in Ubiquiti UniFi Network (CVSS 10.0)

Summary

Vulnerability Description

Affected Products and Versions

Required Actions

Sources

Learn More

Tags:

Share:

Talk to an expert

Grzegorz Gnych

Want to Reduce IT Risk and Costs?

Summary

Vulnerability Description

Affected Products and Versions

Required Actions

Related Vulnerabilities

Sources

Learn More

Tags:

Share:

Talk to an expert

Grzegorz Gnych

Want to Reduce IT Risk and Costs?