PT-2026-42657 · Ubiquiti · Unifi Os

Duc Anh Nguyen

+1

·

Published

2026-05-21

·

Updated

2026-07-09

·

CVE-2026-34908

CVSS v3.1

10

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions UniFi OS Server versions prior to 5.0.8
Description An improper access control flaw exists in UniFi OS Server. The issue occurs because nginx evaluates the raw request URI for authentication purposes but performs routing using the normalized URI. This discrepancy allows unauthenticated remote attackers to bypass security controls, access protected endpoints, and execute an exploit chain leading to full root remote code execution (RCE), which is the ability to execute arbitrary commands on the system. This could enable unauthorized reading, modification, or deletion of data and the ability to make unauthorized changes to the system.
Recommendations Update UniFi OS Server to version 5.0.8.

Exploit

Fix

RCE

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-07800
CVE-2026-34908

Affected Products

Unifi Os