CVE-2026-34909: Ubiquiti UniFi OS Path Traversal Vulnerability

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.
CVE-2026-34909CVSS 10.0CISA KEVKnown Exploited

CVE-2026-34909: Ubiquiti UniFi OS Path Traversal Vulnerability

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.

CVSS
10.0 CRITICAL
EPSS
80.92%
Known exploited
yes
Product
UniFi OS

What is known

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.

Sources