Improper Access Control in UniFi OS by Ubiquiti Network Devices
CVE-2026-55116

9CRITICAL

Key Information:

Vendor
CVE Published:
2 July 2026

What is CVE-2026-55116?

A vulnerability exists in certain devices running UniFi OS, allowing a malicious actor with network access to exploit improper access control. This may lead to unauthorized modifications of device configurations under specific network conditions. Administrators are advised to apply security patches and follow best practices to secure their network devices from potential exploitation.

Affected Version(s)

Cloud Gateways 0 < 5.1.19

Dream Machines 0 < 5.1.19

Dream Routers 0 < 5.1.19

References

CVSS V3.1

Score:
9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.