Ubiquiti Patches Critical Flaw Allowing Account Takeovers in UniFi Network Application
**Ubiquiti** has released patches for two vulnerabilities in its widely used UniFi Network Application, including a critical severity flaw that could allow attackers to compromise user accounts. IT security professionals are urged to update their installations immediately to mitigate potential risks.

The **UniFi** Network Application, also known as the UniFi Controller, is a management software solution used to configure, monitor, and optimize **Ubiquiti UniFi** networking hardware, such as access points, switches, and gateways. It provides real-time traffic dashboards, visual topology maps, and optimization tips.
### Critical Path Traversal Vulnerability
The most severe vulnerability, tracked as **CVE-2026-22557**, affects UniFi Network Application version 10.1.85 and earlier. It has been addressed in versions 10.1.89 and later.
Successful exploitation of **CVE-2026-22557** could allow unprivileged threat actors to leverage a path traversal vulnerability to access files on targeted devices. This could lead to the hijacking of user accounts through low-complexity attacks that do not require user interaction.
"A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated to access an underlying account," the company said in an advisory.
**Censys** is currently tracking nearly 29,000 Internet-exposed UniFi Network endpoints, with the majority located in the United States. The number of vulnerable, unpatched instances remains unknown.

*UniFi Network endpoints exposed online (Censys)*
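An added detection example (not code from the article or from Ubiquiti) showing how a defender might triage web-server access logs from a UniFi controller host for path-traversal attempts, decoding single and double URL encoding before matching. The log lines, the log format and the request paths are constructed assumptions; the advisory does not name the affected endpoint.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (Combined Log Format); not from any real deployment.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Feb/2026:10:01:02 +0000] "GET /api/s/default/stat/health HTTP/1.1" 200 512
203.0.113.9 - - [10/Feb/2026:10:01:07 +0000] "GET /download/../../../../etc/passwd HTTP/1.1" 200 1024
203.0.113.9 - - [10/Feb/2026:10:01:09 +0000] "GET /download/..%2f..%2f..%2fdata%2fdb HTTP/1.1" 404 0
203.0.113.9 - - [10/Feb/2026:10:01:11 +0000] "GET /download/%252e%252e%252f%252e%252e%252fetc HTTP/1.1" 200 300
198.51.100.7 - - [10/Feb/2026:10:02:00 +0000] "GET /manage/account/login HTTP/1.1" 200 2048
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \d+'
)
# A ".." segment bounded by path separators (or the start/end of the path).
TRAVERSAL_RE = re.compile(r'(^|/|\\)\.\.(/|\\|$)')


def normalise(path: str) -> str:
    """URL-decode repeatedly (bounded) so double-encoded '..' is caught, then unify separators."""
    prev = None
    for _ in range(4):
        if path == prev:
            break
        prev, path = path, unquote(path)
    return path.replace('\\', '/')


def find_traversal_attempts(log_text: str) -> list:
    """Return one record per request whose decoded path contains a traversal segment."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not parse rather than guessing
        decoded = normalise(m['path'])
        if TRAVERSAL_RE.search(decoded):
            hits.append({'ip': m['ip'], 'path': m['path'],
                         'decoded': decoded, 'status': int(m['status'])})
    return hits


def successful_attempts(hits: list) -> list:
    """Traversal requests the server answered with 200: the ones to investigate first."""
    return [h for h in hits if h['status'] == 200]


def count_by_source(hits: list) -> dict:
    """Aggregate attempts per client address to spot a single noisy source."""
    counts = {}
    for h in hits:
        counts[h['ip']] = counts.get(h['ip'], 0) + 1
    return counts
```

A 200 response to a traversal request does not by itself prove the file was returned, so pair this with the controller's own logs and the patched version check.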
### NoSQL Injection Vulnerability
In addition to the path traversal flaw, **Ubiquiti** also patched a second vulnerability in the UniFi Network Application. This flaw could allow authenticated attackers with low privileges to escalate their privileges.
"An Authenticated NoSQL Injection vulnerability found in UniFi Network Application could allow a malicious actor with authenticated access to the network to escalate privileges," the company explained.
### Ubiquiti Products as Targets
**Ubiquiti** products have become increasingly attractive targets for both state-sponsored actors and cybercriminals. Compromised devices have been used to build botnets for concealing malicious activities.
In February 2024, the **FBI** dismantled a botnet of hacked Ubiquiti Edge OS routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) to proxy malicious traffic in attacks targeting the United States and its allies.