Ubiquiti defect poses account takeover risk for UniFi Networking Application users | CyberScoop<\/title> <meta name=\"description\" content=\"The maximum-severity vulnerability, which hasn\u2019t been exploited in the wild yet, affects software customers use to manage networking devices.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/ubiquiti-unifi-networking-application-vulnerability\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Ubiquiti defect poses account takeover risk for UniFi Networking Application users\"> <meta property=\"og:description\" content=\"The maximum-severity vulnerability, which hasn\u2019t been exploited in the wild yet, affects software customers use to manage networking devices.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/ubiquiti-unifi-networking-application-vulnerability\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2026-03-20T16:22:08+00:00\"> <meta property=\"article:modified_time\" content=\"2026-03-20T16:22:11+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg\"> <meta property=\"og:image:width\" content=\"2299\"> <meta property=\"og:image:height\" content=\"1303\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1773246214g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1772477397g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1773271249g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/88330\"><meta name=\"generator\" content=\"WordPress 6.8.5\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=88330\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fubiquiti-unifi-networking-application-vulnerability%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fubiquiti-unifi-networking-application-vulnerability%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-88330 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/ubiquiti-unifi-networking-application-vulnerability\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.417824074074\">\n<div class=\"single-article__header-content\" readability=\"36.450839328537\">\n<p> The maximum-severity vulnerability, which hasn\u2019t been exploited in the wild yet, affects software customers use to manage networking devices. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/88330\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"363\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users.jpg?resize=640%2C363&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg 2299w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg?resize=300,170 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg?resize=768,435 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg?resize=1024,580 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg?resize=1536,871 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg?resize=2048,1161 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg?resize=600,340 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg?resize=296,168 296w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg?resize=595,337 595w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg?resize=1191,675 1191w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-2.jpg?resize=1487,843 1487w\" sizes=\"(max-width: 1191px) 100vw, 1191px\"><figcaption> (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"24.771895679253\"><body readability=\"51.802941176471\"><\/p>\n<p>Researchers and threat hunters are scrambling to contain a maximum-severity defect in Ubiquiti\u2019s UniFi Network Application that attackers could exploit to take over user accounts by accessing and manipulating files.<\/p>\n<p>The path-traversal vulnerability \u2014 <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-22557\">CVE-2026-22557<\/a> \u2014 affects software used to manage UniFi networking devices, including access points, gateways and switches. The vendor disclosed and released patches for the defect in a <a href=\"https:\/\/community.ui.com\/releases\/Security-Advisory-Bulletin-062-062\/c29719c0-405e-4d4a-8f26-e343e99f931b\">security advisory<\/a> Wednesday.<\/p>\n<p>\u201cAs of this morning, we have not observed any public proof-of-concept exploits or confirmed reports of exploitation in the wild,\u201d Matthew Guidry, senior product detection engineer at Censys, told CyberScoop.<\/p>\n<p>\u201cHowever, because this is a path-traversal vulnerability, the technical complexity for an attacker is typically lower than memory-corruption or buffer-overflow bugs,\u201d he added. \u201cGiven that the CVSS 10 rating implies low attack complexity, we anticipate that once the specific vulnerable endpoint is identified, exploitation will be trivial to automate.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Censys sensors observed nearly <a href=\"https:\/\/platform.censys.io\/search\/report\/data\/table?q=%28host.services.endpoints.http.html_title%3A+%22UniFi+Network%22+or+web.endpoints.http.html_title%3A+%22UniFi+Network%22%29+and+not+labels%3A+%22HONEYPOT%22&field=host.location.country&num_buckets=500&filter_query=false&count_by=.&utm_source=censys_rr&__hstc=45303291.3b19eb1779086f48595d2d7a7a32a1af.1773956758313.1773956758313.1773956758313.1&__hssc=45303291.1.1773956758313&__hsfp=899e0bd23c45fa2fb020857ee05608bb\">88,000 UniFi Network Application hosts<\/a> publicly exposed to the internet as of Friday morning. The software doesn\u2019t expose what version it\u2019s running, so scans cannot distinguish between vulnerable and patched instances.<\/p>\n<p>Roughly one-third of the exposed instances of UniFi Network Application are located in the United States. <\/p>\n<p>As a defender, when you see a CVSS 10 for a product you immediately recognize and know is everywhere, you probably get a bit anxious,\u201d Guidry said. \u201cYou also know it\u2019s remotely exploitable, requires no authentication, and needs no user interaction, because it wouldn\u2019t be a 10 if it wasn\u2019t. Ubiquiti is a name you hear frequently, and many of those devices are sitting directly on the internet.\u201d<\/p>\n<p>Ubiquiti advises UniFi Network Application users to update to the latest software versions, which also addressed a second vulnerability \u2014 <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-22558\">CVE-2026-22558<\/a> \u2014 that attackers could exploit to escalate privileges.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.4005681818182\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/ubiquiti-unifi-networking-application-vulnerability\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ubiquiti defect poses account takeover risk for UniFi Networking Application<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[999,78,2182,4838,823,6245,256,310,288,6246,2281,703,2390],"tags":[1002,86,2185,4841,827,6247,262,311,294,6248,2283,705,2394],"class_list":["post-8452","post","type-post","status-publish","format-standard","hentry","category-censys","category-cybersecurity","category-edge-devices","category-network-edge-devices","category-patching","category-path-traversal","category-research","category-technology","category-threats","category-ubiquiti","category-vulnerability","category-vulnerability-disclosure","category-vulnerability-management","tag-censys","tag-cybersecurity","tag-edge-devices","tag-network-edge-devices","tag-patching","tag-path-traversal","tag-research","tag-technology","tag-threats","tag-ubiquiti","tag-vulnerability","tag-vulnerability-disclosure","tag-vulnerability-management"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/censys\/\" rel=\"category tag\">Censys<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/edge-devices\/\" rel=\"category tag\">edge devices<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/network-edge-devices\/\" rel=\"category tag\">network edge devices<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/patching\/\" rel=\"category tag\">Patching<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/path-traversal\/\" rel=\"category tag\">path traversal<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/technology\/\" rel=\"category tag\">Technology<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ubiquiti\/\" rel=\"category tag\">Ubiquiti<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerability\/\" rel=\"category tag\">vulnerability<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerability-disclosure\/\" rel=\"category tag\">vulnerability disclosure<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerability-management\/\" rel=\"category tag\">Vulnerability Management<\/a>","tag_info":"Vulnerability Management","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8452","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8452"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8452\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8452"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8452"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8452"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8452,"date":"2026-03-20T11:22:08","date_gmt":"2026-03-20T16:22:08","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=88330"},"modified":"2026-03-20T11:22:08","modified_gmt":"2026-03-20T16:22:08","slug":"ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2026\/03\/20\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users\/","title":{"rendered":"Ubiquiti defect poses account takeover risk for UniFi Networking Application users"},"content":{"rendered":"