Unifi security issues

[Notconnected]

To view this content we will need your consent to set third party cookies.
For more detailed information, see our cookies page.

Accept third party cookies

Is this for real, or a miss configuration.

 

[ColinTaylor]

Is this for real,

Well the title is wrong because his data wasn't leaked.

or a miss configuration.

This. Apparently he was using an older method of configuring the firewall rather than the current "zone" based firewall. Sounds like a case of RTFM.

 

[Tech9]

Most likely what is happening here is accidental misconfiguration of a gateway using external Network application software. UXG-Lite gateway doesn't have built-in controller. In theory when adopting a gateway with no controller the rules for it are created automatically. On gateways with controller built-in the firewall rules are pre-configured already to block everything incoming by default. The old method of configuring the firewall is still allowed, but since the zone matrix is not present it limits the visibility of the end result. Making a mistake becomes much easier.

All the firewall rules represented with "wall" icon are custom rules created by the user. The ones with "padlock" icon are the default ones and they can't be changed or deleted. The firewall in this video doesn't appear to be in default configuration state. The statement "what they have" (UniFi) is incorrect, it's more like "what I have" (the user). Why they have it this way with custom rules for whatever is already blocked by default - I don't know. Perhaps this gateway has to be deleted from the Network application and adopted again in order to restore the default state.