Threat Advisory

Ubiquiti UniFi OS Vulnerabilities Enable Privilege Escalation

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: Critical

EXECUTIVE SUMMARY:

Multiple security vulnerabilities have been identified in Ubiquiti's UniFi OS and associated components, affecting devices such as the UniFi Dream Machine (UDM), UniFi Dream Router (UDR), UniFi Network Video Recorder (UNVR), and Express models. The flaws span command injection, privilege escalation, path traversal, and improper access control across UniFi OS Server version 5.1.15 and UID Enterprise Agent version 1.61.4. Exploitation can allow unauthenticated attackers to execute arbitrary commands, hijack devices, extract sensitive data, and alter network configurations. The resulting risk includes total network compromise, loss of confidential information, and severe disruption to business operations.

  • CVE-2026-47367 – A command injection flaw in the UID Enterprise Agent that lets a low-privileged user inject OS commands; exploitation requires network access to the agent.
  • CVE-2026-47368 – A path traversal vulnerability in UniFi OS enabling remote unauthenticated attackers to read arbitrary files; no privileges are needed.
  • CVE-2026-47369 – Privilege escalation in UniFi OS that allows an attacker to gain higher system rights after an initial foothold; requires local access.
  • CVE-2026-47370 – Another privilege escalation issue in UniFi OS permitting execution of code with root privileges; the prerequisite is a compromised low-privilege account.
  • CVE-2026-48610 – Improper access control bug that permits unauthorized configuration changes; attackers can modify network settings remotely with basic network connectivity.

These vulnerabilities collectively give attackers the ability to take full control of UniFi infrastructure, making rapid remediation essential. If exploited, organizations could suffer network-wide outages, data breaches, and loss of customer trust, directly impacting revenue and brand reputation.

RECOMMENDATION:

  • We recommend updating UniFi OS Server to version 5.1.15 and UID Enterprise Agent to version 1.61.4.

REFERENCES:

The following reports contain further technical details:
https://securityonline.info/unifi-os-vulnerabilities-cvss-9-9/
