1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Worm infects unpatched Ubiquiti wireless devices

Discussion in 'CSO' started by RSS, May 20, 2016.

  1. RSS

    RSS New Member Member

    Routers and other wireless devices made by Ubiquiti Networks have recently been infected by a worm that exploits a year-old remote unauthorized access vulnerability.

    The attack highlights one of the major issues with router security: the fact that the vast majority of them do not have an auto update mechanism and that their owners hardly ever update them manually.

    The worm creates a backdoor administrator account on vulnerable devices and then uses them to scan for and infect other devices on the same and other networks.

    MORE ON CSO:Mobile Security Survival Guide

    "This is an HTTP/HTTPS exploit that doesn't require authentication," Ubiquiti said in an advisory. "Simply having a radio on outdated firmware and having its http/https interface exposed to the Internet is enough to get infected."

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page