logo
logo

Worm infects unpatched Ubiquiti wireless devices

avatar
Robert Sanchez
May 20, 2016 07:47
img

The vulnerability has been known for almost a year, but many users haven't applied the patches

The Ubiquiti Networks AirRouter

Routers and other wireless devices made by Ubiquiti Networks have recently been infected by a worm that exploits a year-old remote unauthorized access vulnerability.

"This is an HTTP/HTTPS exploit that doesn't require authentication," Ubiquiti said in an advisory.

"Simply having a radio on outdated firmware and having its http/https interface exposed to the Internet is enough to get infected."

The vulnerability was reported privately to Ubiquiti last year through a bug bounty program and was patched in airMAX v5.6.2, airMAX AC v7.1.3, airOS 802.11G v4.0.4, TOUGHSwitch v1.3.2, airGateway v1.1.5, airFiber AF24/AF24HD 2.2.1, AF5x 3.0.2.1 and AF5 2.2.1.

Ubiquiti Networks has also created a Java-based application that can automatically remove the infection from affected devices.

It can be used on Windows, Linux and OS X.

Router security is particularly bad in the consumer market, where large numbers of routers can remain vulnerable to known vulnerabilities for years and can be compromised en masse to create distributed denial-of-service DDoS botnets or to launch man-in-the-middle attacks against their users.

collect
0
avatar
Robert Sanchez
May 20, 2016 07:47
guide
Zupyak is a free content platform for publishing and discovering stories, software and startups.