Ubiquiti Routers have a vulnerability – how to fix it
In a previous post I suggested using the Edge Router X from Ubiquiti as a firewall and to segment your networks thanks to its five segregated ports.
I still consider it a great device, but it turns out that Ubiquiti networks devices are being remotely exploited, via port 10001 discoveryservice. This results in loss of device management, and is also being used as a weak UDP DDoSamplification attack.
Ubiquity Routers do have a command to turn this off: https://community.ubnt.com/t5/EdgeRouter/UDP-broadcasts-on-port-10001/td-p/461223
Login to your router enter the CLI interface, and type the following commands:
ubnt@ubnt:~$ configure
ubnt@ubnt# set service ubnt-discover disable
ubnt@ubnt# commit
ubnt@ubnt#
After that your Ubiquiti router is safe again.