PT-2026-42658 · Ubiquiti · Unifi Os

Published

2026-05-21

·

Updated

2026-07-01

·

CVE-2026-34909

CVSS v3.1

10

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions UniFi OS (affected versions not specified)
Description A Path Traversal issue exists in UniFi OS devices due to improper restriction of directory path names. A remote actor with network access can exploit this to access files on the underlying system, which may be further manipulated to gain unauthorized access to an underlying account.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-07799
CVE-2026-34909

Affected Products

Unifi Os