UniFi Under Siege: Ubiquiti Issues Emergency Fix for CVSS 10 Vulnerability

Ubiquiti has promulgated an exigent patch to rectify a dual set of vulnerabilities within the UniFi Network Application, a preeminent architecture for orchestrating network hardware.

The cardinal affliction, designated CVE-2026-22557, has a CVSS score of 10 out of 10. This aberration stems from the erroneous parsing of directory paths; an assailant, granted mere network ingress, is empowered to pilfer systemic archives and weaponize them to usurp absolute dominion over an account.

Imperiled are all iterations of the UniFi Network Application brought forth prior to the 18th of March, 2026. The most profound peril shadows those installations laid bare to the sprawling expanse of the internet. The architect vehemently counsels administrators to swiftly rejuvenate both stable releases and experimental builds alike, alongside the deployment of the nascent UniFi Express firmware, which inherently harbors the fortified software permutation.

The auxiliary vulnerability, bearing the cipher CVE-2026-22558, commands a severity quotient of 7.7 and is inextricably linked to a NoSQL injection flaw. Its weaponization necessitates prior authentication; nevertheless, upon breaching the threshold, a malefactor may ascend to elevated privileges and exponentially broaden their sovereign control over the subjugated architecture.

The UniFi Network Application enjoys widespread patronage among both domestic laboratory zealots and elite practitioners. The architecture’s capacity to be instantiated across Linux, Windows, macOS, or within the confines of a Docker vessel consequentially multiplies the tapestry of potentially compromised environments.

To mitigate the encroaching peril whilst the deployment of these vital updates is delayed, Ubiquiti advocates for a migration toward the UniFi OS Server for sovereign, self-hosted configurations. This platform seamlessly amalgamates the entirety of the UniFi arsenal, thereby streamlining the acquisition of contemporary fortifications.

The official promulgation refrains from disclosing whether the enterprise has borne witness to authentic kinetic strikes leveraging these chasms. Deemed vulnerable are iterations of the UniFi Network Application antecedent to 10.1.85 within the stable lineage, those preceding 10.2.93 amongst the experimental variants, and versions antedating 9.0.114 upon UniFi Express apparatuses.