Exposures › CVE-2026-34909
Ubiquiti UniFi OS path traversal vulnerability allows attackers to access and manipulate system files to compromise underlying accounts.
This path traversal flaw in Ubiquiti UniFi OS enables attackers with network access to read and manipulate system files, potentially leading to unauthorized account access. DIB organizations must ensure all Ubiquiti hardware is patched immediately to prevent supply-chain compromise and maintain NIST 800-171 compliance. Failure to patch exposes critical infrastructure to unauthorized data access and potential ransomware entry.
Shame score — A known path traversal vulnerability that allows file access but does not directly enable remote code execution.
Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on the underlying system that could be manipulated to access an underlying account.
No correlated FedRAMP products.