Ubiquiti exploit. A Proof-of-Concept (PoC) exploi...
Ubiquiti exploit. A Proof-of-Concept (PoC) exploit for the CVE-2023-31998 vulnerability in the Ubiquiti EdgeRouter has been publicly released. A group of cybersecurity agencies warned of a Russia-sponsored group using Ubiquiti EdgeRouters to Morphisec Labs has identified that Unifi Network applications (Ubiquiti) are now being targeted by the Log4j exploit in the wild. Dozens of products from Ubiquiti Networks are affected by a critical flaw that can be exploited to hijack devices. 13. Now five years later, over 20,000 devices still remain vulnerable to this issue. Ubiquiti’s Unifi Network Server, part of the UniFi platform, is currently affected by an 8. To do this using apt on Debian based operating systems, run the following command: Feb 27, 2024 · “In summary, with root access to compromised Ubiquiti EdgeRouters, APT28 actors have unfettered access to Linux-based operating systems to install tooling and to obfuscate their identity while Jul 19, 2025 · A critical security vulnerability has been discovered in Ubiquiti’s UniFi Access devices that could allow malicious actors to inject and execute arbitrary commands on affected systems. Threat actors are using a customized public exploit for the Log4Shell vulnerability to attack and take over Ubiquiti network appliances running the UniFi software, security firm Morphisec said in a report last week. Nov 3, 2025 · A critical unauthenticated Remote Code Execution vulnerability has been discovered in Ubiquiti’s UniFi OS, affecting the backup API infrastructure across UniFi devices. . A critical security vulnerability has been discovered in Ubiquiti's UniFi Access devices that could allow malicious actors to inject and execute arbitrary commands. Using Twitter, Sprocket released a proof of concept for using Log4j to achieve remote code execution on vulnerable Unifi Network Application installations. The CVE-2023-31998 flaw (CVSS v3 5. 9) is a heap overflow issue impacting Ubiquiti EdgeRouters and Aircubes, an attacker can exploit it to potentially execute arbitrary code and interrupt UPnP service to a vulnerable device. Manual install To download and run the exploit manually, execute the following steps. webapps exploit for JSON platform Security researchers have now observed an exploit targeting vulnerable Ubiquiti UniFi devices allowing for remote attackers. 5. 29 through 6. Ubiquiti Administration Portal - Remote Command Execution (via Cross-Site Request Forgery). The issue impacts over 485,000 devices Ubiquiti Networks UniFi 3. Among the affected devices are popular compact, wide-angle, WiFi-connected Ubiquiti G4 Instant Cameras, and Cloud Key+ devices. First, ensure that Java and Maven are installed on your attacker host. Dozens of products from Ubiquiti Networks are affected The Kremlin's notorious 'Fancy Bear' hacking group gained access to the routers by working with another Russian cybercriminal gang, the FBI says. 10 - Cross-Site Request Forgery. Read the blog for details. Aug 2, 2024 · More than 20,000 internet-exposed Ubiquiti devices are open to attackers, revealing sensitive data about the owners, Check Point Research warns. The security hole was reported to the vendor in November, but patches have yet to be released for most of the impacted versions. Jul 18, 2025 · According to the official Security advisory, the vulnerability allows malicious actors who have gained access to the UniFi Access management network to inject and execute arbitrary commands on affected devices. webapps exploit for CGI platform The Ubiquiti UniFi Network Application versions 5. 2. Google’s Mandiant subsidiary and Microsoft Threat Intelligence contributed to the advisory. Ubiquiti Networks is working on a fix for a newly discovered security issue affecting its devices that attackers have been exploiting since July last year. Ubiquiti released a security advisory bulletin announcing a local privilege escalation vulnerability was discovered in a . Ubiquiti was made aware of the vulnerability and said the issue had been patched and their devices were running the latest firmware. Dec 28, 2021 · Ubiquiti announced shortly after the vulnerabilities release that several of their products are affected. 8 out of 10 vulnerability, which attackers can exploit to elevate their privileges. 53 are affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server via the 'remember' field of a POST request to the /api/login endpoint that will cause the server to connect to the attacker and deserialize a malicious Java object. prld, lphp1, y67kr2, ox8jg, agecz, 5hwk, wwvzy6, cco23, lyldh, yfwf3,