wid-sec-w-2026-0784 · Published 2026-03-18 · View on BSI CERT-Bund ↗

Ubiquiti UniFi Network Application: Multiple Vulnerabilities allow Privilegieneskalation

CVSS 10.0 CRITICAL

Risk Summary

Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Ubiquiti UniFi Network Application ausnutzen, um seine Privilegien zu erhöhen.

CVEs (2)

CVE-2026-22557 CVE-2026-22558

Affected Vendors

Ubiquiti

Affected Products (8)

Ubiquiti · UniFi Network application <10.1.89

Ubiquiti · UniFi Network application 10.1.89

Ubiquiti · UniFi Network application <10.2.97

Ubiquiti · UniFi Network application 10.2.97

Ubiquiti · UniFi Express <4.0.13

Ubiquiti · UniFi Express 4.0.13

Ubiquiti · UniFi Network application <9.0.118

Ubiquiti · UniFi Network application 9.0.118

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more