{"id":226815,"date":"2026-03-20T12:30:00","date_gmt":"2026-03-20T16:30:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/20\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users\/"},"modified":"2026-03-23T16:35:18","modified_gmt":"2026-03-23T20:35:18","slug":"ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/20\/ubiquiti-defect-poses-account-takeover-risk-for-unifi-networking-application-users\/","title":{"rendered":"Ubiquiti defect poses account takeover risk for UniFi Networking Application users"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/ubiquiti-unifi-networking-application-vulnerability\/\">Ubiquiti defect poses account takeover risk for UniFi Networking Application users<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/ubiquiti-unifi-networking-application-vulnerability\/\">https:\/\/cyberscoop.com\/ubiquiti-unifi-networking-application-vulnerability\/<\/a><\/p>\n<p>Publish Date: 2026-03-20 12:30:00<\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>Researchers and threat hunters are scrambling to contain a maximum-severity defect in Ubiquiti\u2019s UniFi Network Application that attackers could exploit to take over user accounts by accessing and manipulating files.<\/p>\n<p>The path-traversal vulnerability \u2014 CVE-2026-22557 \u2014 affects software used to manage UniFi networking devices, including access points, gateways and switches. 
The vendor disclosed and released patches for the defect in a security advisory Wednesday.<\/p>\n<p>\u201cAs of this morning, we have not observed any public proof-of-concept exploits or confirmed reports of exploitation in the wild,\u201d Matthew Guidry, senior product detection engineer at Censys, told CyberScoop.<\/p>\n<p>\u201cHowever, because this is a path-traversal vulnerability, the technical complexity for an attacker is typically lower than memory-corruption or buffer-overflow bugs,\u201d he added. \u201cGiven that the CVSS 10 rating implies low attack complexity, we anticipate that once the specific vulnerable endpoint is identified, exploitation will be trivial to automate.\u201d<\/p>\n<p>Censys sensors observed nearly 88,000 UniFi Network Application hosts publicly exposed to the internet as of Friday morning. The software doesn\u2019t expose what version it\u2019s running, so scans cannot distinguish between vulnerable and patched instances.<\/p>\n<p>Roughly one-third of the exposed instances of UniFi Network Application are located in the United States.<\/p>\n<p>\u201cAs a defender, when you see a CVSS 10 for a product you immediately recognize and know is everywhere, you probably get a bit anxious,\u201d Guidry said. \u201cYou also know it\u2019s remotely exploitable, requires no authentication, and needs no user interaction, because it wouldn\u2019t be a 10 if it wasn\u2019t. 
Ubiquiti is a name you hear frequently, and many of those devices are sitting directly on the internet.\u201d<\/p>\n<p>Ubiquiti advises UniFi Network Application users to update to the latest software versions, which also addressed a second vulnerability \u2014&#8230;<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/ubiquiti-unifi-networking-application-vulnerability\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ubiquiti defect poses account takeover risk for UniFi Networking Application users https:\/\/cyberscoop.com\/ubiquiti-unifi-networking-application-vulnerability\/ Publish Date: 2026-03-20&#8230;<\/p>\n","protected":false},"author":1,"featured_media":226816,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2026\/03\/GettyImages-1205071344.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[31,27],"class_list":["post-226815","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/226815"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=226815"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/226815\/revisions"}],"predecessor-version":[{"id":226817,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/226815\/revisions\/226817"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp
-json\/wp\/v2\/media\/226816"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=226815"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=226815"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=226815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}