Skip to content
May 17 / Greg

Ubiquiti HTTP HTTPS Exploit

As I’m sure all of you are aware(we get it Mike), UBNT has a major exploit in older versions of firmware. These allow an attacker to exploit an UBNT device via HTTP/HTTPS without the need for login credentials. I believe it currently either resets the device to default or “locks it up.”

Below is a chart of good firmwares, everything below should be updated:
ubnt-exploit

This is so serious they’ve also added an Android removal tool here.

Please block external access to your radios if you haven’t already. This is a best practice, and as this exploit shows it is a standard practice. Update and be safe my friends.

Leave a Comment

 

*