20K Ubiquiti IoT Cameras & Routers Are Sitting Ducks for Hackers

In the cloud, patches disseminate automatically. On your computer, you get notified. IoT devices, meanwhile, can escape attention for years on end.

Tens of thousands of small office/home office (SOHO) devices
sold by Ubiquiti Inc.
are vulnerable on the open Internet to a five-year-old bug, researchers are warning.
In January 2019, broadband Internet
expert Jim Troutman warned
that an exposed port in dozens of Ubiquiti Internet of Things (IoT) gadgets was being exploited in denial-of-service (DoS) attacks. The underlying vulnerability, CVE-2017-0938, was assigned a high 7.5 score on the CVSS scale.
Seven months after that, researchers from Rapid7 were still able to find
nearly 500,000 vulnerable devices
. And now, even though Ubiquiti has long since acknowledged and patched the issue, around 20,000 devices remain vulnerable, Check Point Research
noted in a new blog post
.
We can see that some of them were compromised, says Radoslaw Madej, vulnerability research team leader at Check Point Software. Also, Ive only done pretty rudimentary fingerprinting of the devices. Its quite possible that there are more of them [compromised] too.
Check Point also warned that besides being
used in a SOHO botnet
for DoS attack amplification, compromised devices can leak potentially sensitive data, too.
In probing Ubiquiti gadgets like the G4 Instant Camera — an Internet-enabled camera with two-way audio — Check Point homed in on port 10001, where the exposed process was first identified five years ago. The service at issue: Ubiquitis discovery protocol, used to communicate between the device and its CloudKey+ controller.
Using spoofed packets, the Check Point researchers discovered that communicating with neither the CloudKey+ nor its connected devices required any sort of authentication. Further, the messages they received in response to their pings included specific information about the devices, plus their owners names and locations.
In a few instances, actually, there was a first name and the last name of a person, and what turned out to be a location where a Ubiquiti router was located, Madej recalls. All this information … it took only one packet from me to receive that response.
If I wanted to attack this entity, it would be easy for me, knowing the type of router they have, the name of the person, the exact software version, and their business address. [I could] find their contact details, and call them up saying: Hey, Im calling from your Internet provider. I need to do some maintenance work. Provide me with access to the admin panel. Because I can validate myself to this person by giving them all the information they need.
Patched Ubiquiti products have a safeguard against Internet-based attacks: They do not respond to pings coming from the wider Web, only from internal IP addresses.
Despite the easy availability of such a simple fix, tens of thousands affected products in the wild remain unpatched. This seems to have a lot less to do with Ubiquiti itself than
IoT security in general
.
We got used to patching our Windows machines and MacBooks and mobile phones and whatnot, but were still not really used to the fact that we should also take care about our IoT devices, be it Wi-Fi routers, cameras,
vacuum cleaners, fridges, and washing machines
, Madej says.
Of course, he adds, the question is: To what extent an end user should even be bothered about it. We live in a time when all devices should have
automatic updates enabled by default
. I dont think that should be a concern of the end user.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
20K Ubiquiti IoT Cameras & Routers Are Sitting Ducks for Hackers