Critical Vulnerabilities in Ubiquiti UniFi OS Devices
Summary
Ubiquiti has released a Security Advisory Bulletin addressing multiple critical vulnerabilities that could allow an attacker with network access to execute commands, modify system configurations, or access sensitive files.
Affected platforms
A wide range of UniFi OS devices are known to be affected, including:
- UniFi OS Server
- UniFi Dream Machine (UDM) and related models
- Cloud Gateway, Cloud Key, and Network Video Recorder (UNVR) devices
- UniFi Attached Storage (UNAS) systems and related appliances
- Many platforms; please see Ubiquiti Security Advisory Bulletin 064 for the full list
Note: Affected products are listed for individual vulnerabilities; there are 5 sets of affected products throughout the security advisory.
Threat details
Exploitation in the wild
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-34908, CVE-2026-34909 and CVE-2026-34910 to its Known Exploited Vulnerabilities (KEV) Catalog.
The NHS England National CSOC assesses further exploitation as highly likely.
Introduction
Ubiquiti has released Security Advisory Bulletin 064 detailing multiple critical vulnerabilities affecting UniFi OS devices, including network gateways, cloud keys, and storage appliances.
Five vulnerabilities have been identified:
- CVE-2026-34908 - 'Improper Access Control - Generic' vulnerability - CVSS 3.1 score of 10.
- CVE-2026-34909 - 'Path traversal allowing access to underlying account' vulnerability - CVSS 3.1 score of 10.
- CVE-2026-34910 - 'Improper input validation leading to command injection' vulnerability - CVSS 3.1 score of 10.
- CVE-2026-33000 - 'Improper Input Validation' vulnerability - CVSS 3.1 score of 9.1.
- CVE-2026-34911 - 'Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')' vulnerability - CVSS 3.1 score of 7.7.
All vulnerabilities are exploitable via network access, with some requiring no authentication or user interaction. Exploitation of CVE-2026-34908, CVE-2026-34909 and CVE-2026-34910 has been reported in the wild.
Remediation advice
Affected organisations are encouraged to review the Ubiquiti Security Advisory Bulletin 064 and apply relevant updates as soon as possible.
Last edited: 24 June 2026 4:37 pm