CVE-2026-34911

EUVD-2026-31387
A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.7 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
uiunifi_os_server
𝑥
< 5.0.8
uiunifi_cloud_gateway_industrial_firmware
𝑥
< 5.1.12
uiunifi_dream_machine_firmware
𝑥
< 5.1.12
uiunifi_dream_machine_pro_firmware
𝑥
< 5.1.12
uiunifi_dream_machine_special_edition_firmware
𝑥
< 5.1.12
uiunifi_dream_machine_pro_max_firmware
𝑥
< 5.1.12
uienterprise_fortress_gateway_firmware
𝑥
< 5.1.12
uiunifi_dream_wall_firmware
𝑥
< 5.1.12
uiunifi_dream_router_firmware
𝑥
< 5.1.12
uiunifi_dream_router_7_firmware
𝑥
< 5.1.12
uiunifi_express_7_firmware
𝑥
< 5.1.12
uiunifi_network_video_recorder_firmware
𝑥
< 5.1.12
uiunifi_network_video_recorder_pro_firmware
𝑥
< 5.1.12
uiunifi_network_video_recorder_instant_firmware
𝑥
< 5.1.12
uienterprise_network_video_recorder_firmware
𝑥
< 5.1.12
uiunifi_cloud_gateway_ultra_firmware
𝑥
< 5.1.12
uiunifi_cloud_gateway_max_firmware
𝑥
< 5.1.12
uiunifi_cloud_gateway_fiber_firmware
𝑥
< 5.1.12
uiunifi_dream_router_5g_max_firmware
𝑥
< 5.1.12
uienterprise_network_video_recorder_core_firmware
𝑥
< 5.1.12
uiunifi_cloud_key_plus_firmware
𝑥
< 5.1.12
uiunifi_cloudkey_firmware
𝑥
< 5.1.12
uiunifi_cloudkey_enterprise_firmware
𝑥
< 5.1.12
uiunifi_network_video_recorder_g2_firmware
𝑥
< 5.1.12
uiunifi_network_video_recorder_g2_pro_firmware
𝑥
< 5.1.12
uiunifi_dream_machine_beast_firmware
𝑥
< 5.1.11
uiunas_2_firmware
𝑥
< 5.1.10
uiunas_4_firmware
𝑥
< 5.1.10
uiunas_pro_firmware
𝑥
< 5.1.10
uiunas_pro_4_firmware
𝑥
< 5.1.10
uiunas_pro_8_firmware
𝑥
< 5.1.10
𝑥
= Vulnerable software versions