Ubiquiti HTTP HTTPS Exploit
As I’m sure all of you are aware(we get it Mike), UBNT has a major exploit in older versions of firmware. These allow an attacker to exploit an UBNT device via HTTP/HTTPS without the need for login credentials. I believe it currently either resets the device to default or “locks it up.”
Below is a chart of good firmwares, everything below should be updated:
This is so serious they’ve also added an Android removal tool here.
Please block external access to your radios if you haven’t already. This is a best practice, and as this exploit shows it is a standard practice. Update and be safe my friends.