> TritonInfoSec News
Home / Jun 09, 2026 / Story
0
#7 BleepingComputer general June 08, 2026 at 15:51 UTC

Critical UniFi OS bug lets hackers gain root without authentication

By Bill Toulas

AI Summary

Researchers disclosed a chain of three previously fixed vulnerabilities in Ubiquiti's UniFi OS server that can be combined to achieve unauthenticated remote code execution with root privileges. The exploit chain requires no authentication and targets internet-facing UniFi devices, which are widely deployed in enterprise and prosumer networks. Ubiquiti has issued patches and administrators should update UniFi OS immediately.

Read full article → https://www.bleepingcomputer.com/news/security/cri…

Relevance score: 83.0/100

# More from June 09

  1. 1
    Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups The Hacker News
  2. 2
    One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public The Hacker News
  3. 3
    Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order The Hacker News
  4. 4
    UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign The Hacker News
  5. 5
    New Shai-Hulud attack trojanizes 19 science-focused PyPI packages BleepingComputer
  6. 6
    VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances The Hacker News
  7. 8
    For the 2nd time in weeks, Microsoft packages laced with credential stealer Ars Technica Security
  8. 9
    Over 20,000 Instagram accounts stolen in Meta AI support hack BleepingComputer
  9. 10
    SolarWinds Serv-U Vulnerability Exploited in the Wild SecurityWeek