FKIE_CVE-2026-34909
Vulnerability from fkie_nvd - Published: 2026-05-22 02:16 - Updated: 2026-06-24 14:49
Severity
Summary
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.
References
Impacted products
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "UniFi OS Server",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.0.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "4.0.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-SE",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Pro-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDM-Beast",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EFG",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDW",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UDR-5G",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Express 7",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-Instant",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNVR-G2-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ENVR-Core",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-2",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-4",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNAS-Pro-8",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCKP",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCK-Enterprise",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Ultra",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Max",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Fiber",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UCG-Industrial",
"vendor": "Ubiquiti Inc",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"source": "support@hackerone.com"
}
],
"cisaActionDue": "2026-06-26",
"cisaExploitAdd": "2026-06-23",
"cisaRequiredAction": "Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA\u2019s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA\u2019s \u201cForensics Triage Requirements\u201d (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset\u0027s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.",
"cisaVulnerabilityName": "Ubiquiti UniFi OS Path Traversal Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ui:unifi_os_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "660F20FA-9862-4FE1-8C27-0AEAEE2F2A69",
"versionEndExcluding": "5.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_cloud_gateway_industrial_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37D51815-9B4B-4753-9907-141E183A29AE",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_cloud_gateway_industrial:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABDECBF6-CB92-4AF6-A3AB-D4AA4635B688",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_dream_machine_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C302996-B127-48DD-9652-44C120351EE2",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_dream_machine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33E04DDA-88A0-47C1-8AE2-2F59B1A08BAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_dream_machine_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6C4EB63-3ED5-4A5E-9C70-446159333C34",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B493983E-8632-4492-9B0A-E8E11E0E0BB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_dream_machine_special_edition_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDF1A5E-2127-4F22-88FE-72185E1D102D",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_dream_machine_special_edition:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF52155-86F1-458A-8B7E-355B67C5C819",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_dream_machine_pro_max_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "131427ED-219F-44D7-AF4C-1EE2EBF0C0FF",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_dream_machine_pro_max:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60808A48-C41A-448F-97C4-B1CD8DCCB4DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:enterprise_fortress_gateway_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD13CAB-C444-43CF-8E56-D3B3EF5208FC",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:enterprise_fortress_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C87C188-7982-4DFF-98F1-58511360F3E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_dream_wall_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4991C6F7-E443-4CA3-8EA5-C71D1252B300",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_dream_wall:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9B6514E-2878-4AEE-BF1E-08B804C069FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_dream_router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D73F0DB-0E95-44B0-9CC0-BFEBB0582ECC",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_dream_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1FF6A5E-A223-4F57-9FFD-F2AE473B3627",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_dream_router_7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAF5DAD-7403-4811-B2F3-490F72CB5C0D",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_dream_router_7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A41E5541-FC13-430C-BDCA-CC677B372D7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_express_7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56E176C6-07DB-4E14-B41C-4AC34CAAC1B7",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_express_7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD0201D-D5C9-4CE7-A302-467F602D73D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_network_video_recorder_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EC49DF3-4CB0-491E-A4E9-46EE6C2CDD3C",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_network_video_recorder:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D7AF0C-CF50-485D-8471-9AB1AA6471CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_network_video_recorder_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D83F4DFB-C975-4E3C-A045-AAE24EB7C54F",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_network_video_recorder_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87FB08DA-35EA-4C27-AA5F-2B7AE25D58FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_network_video_recorder_instant_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E78B7448-6777-4488-BDA9-C0514FC7BB6B",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_network_video_recorder_instant:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC8EB74F-F32A-4A5E-B613-58F2F7BC24CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:enterprise_network_video_recorder_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFB1B14-CFB2-45D3-AA35-FBA93A4D5606",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:enterprise_network_video_recorder:-:*:*:*:*:*:*:*",
"matchCriteriaId": "348BBC75-CA5B-4B38-A2CF-28313B7168F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_cloud_gateway_ultra_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA783309-29D0-40C6-9B4A-D961A486CBCC",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_cloud_gateway_ultra:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C468BFA-A87B-4A3F-B12C-B3BCE225167C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_cloud_gateway_max_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20690D42-B607-4E40-8D87-B8715838BD1F",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_cloud_gateway_max:-:*:*:*:*:*:*:*",
"matchCriteriaId": "022225AB-7AF9-4F7A-97A2-CD8700DEA087",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_cloud_gateway_fiber_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1DF011-B148-4706-90D9-55DB0FD9A3E2",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_cloud_gateway_fiber:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01C00466-E414-4DF7-8752-93D3D77C5104",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_dream_router_5g_max_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F12DAB1-E58E-4044-A799-792A3DD59642",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_dream_router_5g_max:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA957B87-E4D2-4B7C-AC27-200BFC44477E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:enterprise_network_video_recorder_core_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47600BC6-7DDF-4ABA-A0C6-1E3C6C4E67B1",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:enterprise_network_video_recorder_core:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD22580F-1E63-48F0-BE9C-1EA9328DD539",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_cloud_key_plus_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29802116-2569-4863-B830-AF6C054BCDE2",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_cloud_key_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4ED829-08E6-4330-B105-DC01A3159C90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_cloudkey_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "638BF6B4-4DBF-43C7-A355-3FE897029F2D",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_cloudkey:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A484BC77-24D3-423F-AC16-3341C3396BA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_cloudkey_enterprise_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E132D457-330E-43DF-BC6D-956A9C65E9C5",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_cloudkey_enterprise:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD7812E-3548-4B2C-9416-DEE0985AB07C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_network_video_recorder_g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBED72-FDF6-4487-B6FA-AEF0BBA7BF07",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_network_video_recorder_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FF59AE-F5F6-4539-97EC-5157F67FD055",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_network_video_recorder_g2_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B19E2F5-A96A-45E5-B625-435C5951BEB0",
"versionEndExcluding": "5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_network_video_recorder_g2_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29A3E3E6-68EF-43E6-9AB3-AD52FCADE57F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_dream_machine_beast_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1D3765-2301-4C60-BC5E-865650E214E5",
"versionEndExcluding": "5.1.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_dream_machine_beast:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82A0A6D7-4361-49AD-87E3-3FB32A958C4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unas_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16AF18D8-1301-4B8D-AD23-5EF5BB2182AA",
"versionEndExcluding": "5.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unas_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FC98765-1006-49C1-9464-92428738170A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unas_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "522AF8E6-5095-42D0-AAC5-38DBC76536F4",
"versionEndExcluding": "5.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unas_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A68133D0-7571-4E6C-A5F5-AAD2DFE91B80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unas_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ACD7950-1346-460C-9B07-6A57103E1298",
"versionEndExcluding": "5.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unas_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0AD026-E7CD-4783-8B5B-BF50CFEF8F37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unas_pro_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B75FAFD-6176-4B36-85B9-9D9FB314FCF0",
"versionEndExcluding": "5.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unas_pro_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A57444B-B60E-4AE0-A198-C85546D94126",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unas_pro_8_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7EECEA-6628-4CD7-A336-78D8AEBD049A",
"versionEndExcluding": "5.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unas_pro_8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63EC6593-E65D-4287-BB47-0EC53BCA7BAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_express_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C77E9DE-FA81-4097-B24A-CA2C76C8B129",
"versionEndExcluding": "4.0.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_express:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E793FAA6-55B5-4C10-84EA-0A3EFDAEF5E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account."
}
],
"id": "CVE-2026-34909",
"lastModified": "2026-06-24T14:49:53.287",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-34909",
"options": [
{
"exploitation": "active"
},
{
"automatable": "yes"
},
{
"technicalImpact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T00:00:00+00:00",
"version": "2.0.3"
}
}
]
},
"published": "2026-05-22T02:16:34.390",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34909"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.pwndefend.com/2026/06/09/cve-2026-34910-exploitation-itw-building-a-botnet-mirai/"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…