
[CIVN-2026-0291] Multiple Vulnerabilities in UniFi OS
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: CRITICAL
Software Affected
UniFi OS Server Version 5.0.6 and earlier
UCG-Industrial Version 5.0.13 and earlier
UDM, UDM-Pro, UDM-SE, UDM-Pro-Max, EFG, UDW, UDR, UDR7, Express 7, UNVR, UNVR-Pro, UNVR-Instant, ENVR, UCG-Ultra, UCG-Max and UCG-Fiber Version 5.0.16 and earlier
UDR-5G, ENVR-Core, UCKP, UCK and UCK-Enterprise Version 5.0.17 and earlier
UNVR-G2 and UNVR-G2-Pro Version 5.1.11 and earlier
UDM-Beast, UNAS-2, UNAS-4, UNAS-Pro, UNAS-Pro-4 and UNAS-Pro-8 Version 5.1.8 and earlier
Express Version 4.0.13 and earlier
Overview
Multiple vulnerabilities have been reported in UniFi OS which could allow an attacker to execute arbitrary commands, access sensitive information, modify system configurations, compromise user accounts, or perform unauthorized actions on the targeted system.
Target Audience:
All end-user organizations and individuals using UniFi OS.
Risk Assessment:
Risk of arbitrary command execution, unauthorized access, disclosure of sensitive information, account compromise, and modification of system settings.
Impact Assessment:
Potential for arbitrary command execution, unauthorized modification of system configurations, disclosure of sensitive information, account compromise, and complete compromise of the affected system.
Description
UniFi OS is the unified operating system developed by Ubiquiti that runs on UniFi hardware to centrally manage networking, security, and related applications. It provides a common platform for services such as UniFi Network and UniFi Protect.
Multiple vulnerabilities exist in UniFi OS due to improper access control, path traversal, and improper input validation flaws. An attacker could exploit these vulnerabilities by sending specially crafted requests to the affected system.
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary commands, access sensitive information, modify system configurations, compromise user accounts, or perform unauthorized actions on the targeted system.
Solution
Apply the appropriate security updates as mentioned in the UniFi OS advisory:
https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b
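To decide which devices need the update, an inventory can be checked against the "Software Affected" list above. The following Python is an added example, not part of the CERT-In advisory or any Ubiquiti tooling; the sample inventory rows and the status labels are constructed for illustration.

```python
import re

# Highest affected UniFi OS version per product, copied from "Software Affected".
_ROWS = [
    (["UniFi OS Server"], "5.0.6"),
    (["UCG-Industrial"], "5.0.13"),
    (["UDM", "UDM-Pro", "UDM-SE", "UDM-Pro-Max", "EFG", "UDW", "UDR", "UDR7",
      "Express 7", "UNVR", "UNVR-Pro", "UNVR-Instant", "ENVR", "UCG-Ultra",
      "UCG-Max", "UCG-Fiber"], "5.0.16"),
    (["UDR-5G", "ENVR-Core", "UCKP", "UCK", "UCK-Enterprise"], "5.0.17"),
    (["UNVR-G2", "UNVR-G2-Pro"], "5.1.11"),
    (["UDM-Beast", "UNAS-2", "UNAS-4", "UNAS-Pro", "UNAS-Pro-4", "UNAS-Pro-8"], "5.1.8"),
    (["Express"], "4.0.13"),
]

def _norm(model):
    """Case- and spacing-insensitive model key ('express 7' -> 'express-7')."""
    return re.sub(r"[\s_]+", "-", model.strip().lower())

def _ver(text):
    """Parse '5.0.16' into (5, 0, 16); numeric so that 5.0.9 sorts below 5.0.16."""
    m = re.match(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unparsable version: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))

MAX_AFFECTED = {_norm(m): _ver(v) for models, v in _ROWS for m in models}

def status(model, version):
    """Classify one device. Models are matched exactly, never by prefix,
    because 'UDM' and 'UDM-Beast' have different affected ceilings."""
    limit = MAX_AFFECTED.get(_norm(model))
    if limit is None:
        return "unknown-model"
    try:
        installed = _ver(version)
    except ValueError:
        return "unparsable-version"
    # The advisory lists affected ceilings only; fixed versions are in the vendor bulletin.
    return "affected" if installed <= limit else "above-affected-range"

# Constructed sample inventory (model, installed version); not real data.
SAMPLE = [("UDM-Pro", "5.0.9"), ("UNVR-G2", "5.1.12"), ("express 7", "5.0.16"),
          ("UNLISTED-DEVICE", "1.0")]

if __name__ == "__main__":
    for model, version in SAMPLE:
        print(f"{model}\t{version}\t{status(model, version)}")
```

Devices reported as "unknown-model" or "unparsable-version" need manual review against the vendor bulletin rather than being treated as unaffected.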
References
UniFi
https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b
CVE Name
CVE-2026-33000
CVE-2026-34908
CVE-2026-34909
CVE-2026-34910
CVE-2026-34911
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax: 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003


