Ubiquiti devices vulnerable to new attack

Discussion in 'Networking, Telephony & Internet' started by Gunna, Feb 5, 2019.

  1. Gunna

    Gunna Member

    Joined:
    Dec 25, 2001
    Messages:
    6,687
    Location:
    Brisbane
  2. bart5986

    bart5986 Member

    Joined:
    Jan 31, 2006
    Messages:
    3,115
    Location:
    Brisbane
    So only an issue if you want remote access on your device I guess?
     
  3. power

    power Member

    Joined:
    Apr 20, 2002
    Messages:
    56,695
    Location:
    brisbane
    no it's a discovery service and appears to be enabled out of the box configurations. Appears to be a larger problem with some ISP provided devices.

    https://community.ubnt.com/t5/EdgeRouter/UDP-broadcasts-on-port-10001/td-p/461223

    https://blog.rapid7.com/2019/02/01/ubiquiti-discovery-service-exposures/

     
  4. davros123

    davros123 Member

    Joined:
    Jun 18, 2008
    Messages:
    2,916
    all in all a pretty innocuous attack that will be patched soon.
    The hacked equipment was (in my reading) not related to this and was just weakly protected in the first place.
     
    Last edited: Feb 6, 2019
  5. power

    power Member

    Joined:
    Apr 20, 2002
    Messages:
    56,695
    Location:
    brisbane
    if people update their devices.... if they are isp supplied they might not get patched.
     
  6. Doc-of-FC

    Doc-of-FC Member

    Joined:
    Aug 30, 2001
    Messages:
    3,247
    Location:
    Canberra
    Most telco sized edge routers should be able to filter inbound traffic to a UDP port at little cost. Why the management interface is exposed to an accessible network is well beyond me.
     
  7. Quadbox

    Quadbox Member

    Joined:
    Jun 27, 2001
    Messages:
    6,089
    Location:
    Brisbane
    Any isps on earth supplying edgerouters? They seem a very odd choice if you're not at least a little savvy
     

Share This Page