Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.
9.0

CVE-2026-55116: Unauth Changes to UniFi OS Devices via Network Access

CVE-2026-55116 CVE-2026-55116
Summary

A security issue in UniFi OS devices allows unauthorized access to change settings. This could happen if an attacker is on the same network and has the right setup. To protect your devices, ensure you have strong network security and keep your UniFi OS up to date.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software
VendorProductAffected versions
ubiquiti inc dream machines < 5.1.19
ubiquiti inc enterprise fortress gateway < 5.1.19
ubiquiti inc dream wall < 5.1.19
ubiquiti inc dream routers < 5.1.19
ubiquiti inc express 7 < 5.1.19
ubiquiti inc cloud gateways < 5.1.19
ubiquiti inc enterprise firewall core < 5.1.19
Original title
A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauth...
Original description
A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices.
mitre CVSS3.1 9.0
Vulnerability type
CWE-284 Improper Access Control
Published: 2 Jul 2026 · Updated: 3 Jul 2026 · First seen: 2 Jul 2026