CVE-2026-22557 | THREATINT

Description

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated to access an underlying account.

PUBLISHED Reserved 2026-01-07 | Published 2026-03-19 | Updated 2026-03-19 | Assigner hackerone

CRITICAL: 10.0CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Product status

Default status

unaffected

10.1.89 (semver) before 10.1.89

affected

10.2.97 (semver) before 10.2.97

affected

9.0.118 (semver) before 9.0.118

affected

References

community.ui.com/...062/c29719c0-405e-4d4a-8f26-e343e99f931b

cve.org (CVE-2026-22557)

nvd.nist.gov (CVE-2026-22557)

Download JSON