CVE-2026-34908

CRITICAL EXPLOITED

Ubiquiti Inc UniFi OS Server - Improper Access Control


Exploitation Summary

CVE-2026-34908 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including BishopFox.

AI-analyzed exploit summary: This repository contains a safe detection script for CVE-2026-34908, an unauthenticated RCE chain in UniFi OS Server ≤ 5.0.6. The script probes for the vulnerability without executing any commands, using behavioral checks to determine if the auth bypass reaches the vulnerable handler.

Description

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.

Exploits (1)

github SCANNER
by BishopFox · python · poc
https://github.com/BishopFox/CVE-2026-34908-check

Classification: Scanner 100%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: UniFi OS Server ≤ 5.0.6
No auth needed
Prerequisites: Network access to the target UniFi OS Server
devstral-2 · analyzed Jun 06, 2026

Scores

CVSS v3: 10.0
EPSS: 0.0002
EPSS Percentile: 6.3%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: total

Details

VulnCheck KEV: 2026-06-09
CWE: CWE-284
Status: published
Products (31)
Ubiquiti Inc/EFG < 5.1.12
Ubiquiti Inc/ENVR < 5.1.12
Ubiquiti Inc/ENVR-Core < 5.1.12
Ubiquiti Inc/Express 7 < 5.1.12
Ubiquiti Inc/UCG-Fiber < 5.1.12
Ubiquiti Inc/UCG-Industrial < 5.1.12
Ubiquiti Inc/UCG-Max < 5.1.12
Ubiquiti Inc/UCG-Ultra < 5.1.12
Ubiquiti Inc/UCK < 5.1.12
Ubiquiti Inc/UCK-Enterprise < 5.1.12
... and 21 more
Published May 22, 2026
Tracked Since May 22, 2026