Ubiquiti device command injection vulnerability granting root access

by sathackr on 3/16/2017, 11:36 PM with 3 comments
  • by bigiain on 3/17/2017, 12:22 AM

    Who's gonna be first to rent a jet ski and go wardriving past Troy Hunt's house? (warsailing? warskiing?)

  • by bigiain on 3/17/2017, 12:24 AM

    A 1997 vintage version of PHP??? _Really?_ Ouch!

    (Also, check out the Vendor contact timeline bit)

  • by sathackr on 3/17/2017, 12:04 AM

    Remotely exploitable with a single GET request. Affects the vast majority of Ubiquiti devices.