Menu
What's new
By:
Filters Better Search

Ubiquiti APs Under Attack Using Exploit Patched Last Year

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

thiggins

thiggins

Mr. Easy
Staff member
ubnt-logo.jpg
Dan Goodin reports that attackers are targeting a flaw in theUbiquiti's AirOS that runs many of its wireless routers and access points. The vulnerability allows attackers to gain access to devices via HTTP or HTTPS without authentication and changes the infected device's password files.

A patch for the flaw was issued last July, but apparently hasn't been widely installed.

Check Dan's article for the full details.
 
I see the usernames "ubnt" and "mother" quite a bit in my ssh logs (failed attempts that is...)

Definitely patch up and watch those outside ports - filter them to trusted networks only
 
Note (to anyone concerned) that since Ubiquiti access points use the Unifi software (separate platform from AirOS) that these are not affected.

This will affect Ubiquiti's point-to-point wireless gear, their AirRouter/AirRouter HP line, and the Toughswitch.
 
You must log in or register to reply here.

Similar threads

U
11,809 WiFi routers in India vulnerable to cyber attack: Here's how you can be safe
Replies
0
Views
1K
ulaganath
U
Similar threads
Thread starter Title Forum Replies Date
R Local management for Open Mesh APs? General Wireless Discussion 0

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 772 (members: 25, guests: 747)
Top