Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
10.0
CVE-2026-34909: UniFi OS: Malicious network access can access system files
CVE-2026-34909
Summary
UniFi OS devices have a security weakness that allows an attacker with network access to access sensitive files on the system. This could potentially be used to gain further access to the system. To protect against this, ensure that your UniFi OS devices are up to date with the latest security patches.
Original title
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an u...
Original description
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.
nvd CVSS3.1
10.0
Vulnerability type
CWE-22
Path Traversal
Published: 22 May 2026 · Updated: 28 May 2026 · First seen: 22 May 2026