| |

Ubiquiti Routers have a vulnerability – how to fix it

In a previous post I suggested using the Edge Router X from Ubiquiti as a firewall and to segment your networks thanks to its five segregated ports.

I still consider it a great device, but it turns out that Ubiquiti networks devices are being remotely exploited, via port 10001 discoveryservice. This results in loss of device management, and is also being used as a weak UDP DDoSamplification attack.
Ubiquity Routers do have a command to turn this off: https://community.ubnt.com/t5/EdgeRouter/UDP-broadcasts-on-port-10001/td-p/461223

Login to your router enter the CLI interface, and type the following commands:

ubnt@ubnt:~$ configure
ubnt@ubnt# set service ubnt-discover disable
ubnt@ubnt# commit
ubnt@ubnt#

After that your Ubiquiti router is safe again.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.