BeyondMachines for BeyondMachines

Posted on • Originally published at beyondmachines.net

Ubiquiti Patches Critical Account Takeover Flaw in UniFi Network Application

Summary

Ubiquiti patched a critical path traversal vulnerability (CVE-2026-22557) and a high-severity NoSQL injection flaw in its UniFi Network Application. These bugs allow attackers to hijack accounts or escalate privileges, potentially compromising entire networking environments.

Take Action:

If you are using Ubiquiti products, update your UniFi Network Application and UniFi Express firmware ASAP. As usual, first make sure all management interfaces are not exposed to the public internet and are accessible only from trusted networks.




