Summary
Ubiquiti patched five vulnerabilities in UniFi OS, including three critical flaws (CVSS 10.0) that allow unauthenticated remote attackers to execute commands, access files, and take over management consoles.
Take Action:
Make sure all your UniFi devices (UDM, UNVR, UCG gateways, Cloud Keys, etc.) are isolated from the internet and accessible only from trusted networks. Then immediately update UniFi OS to the latest patched version for your model (5.1.12+ for most hardware, 5.0.8 for UniFi OS Server, 4.0.14 for Express) to fix critical flaws that let attackers fully take over your devices without any credentials.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)