Experts released PoC exploit for Ubiquiti EdgeRouter flaw

securityaffairs.com

Experts released PoC exploit for Ubiquiti EdgeRouter flaw

securityaffairs.com

ijeff@lemdro.idM to

OpenWrt@lemdro.idEnglish · 1 year ago

A Proof-of-Concept (PoC) exploit for the CVE-2023-31998 vulnerability in the Ubiquiti EdgeRouter has been publicly released.

“It is likely that other products relying either directly on upstream miniupnpd, or on router distribution such as openwrt , vyos or dd-wrt still ship today with vulnerable miniupnpd.”

Chat

seemebreakthis@lemm.ee
link
fedilink
English
arrow-up
2·
1 year ago
2 conditions

uPnP enabled

attacker must be on LAN

Doesn’t sound like an overly serious threat

OpenWrt@lemdro.id

openwrt@lemdro.id

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !openwrt@lemdro.id

OpenWrt news, tools, tips and discussion. Related projects, such as DD-WRT, Tomato and OpenSAN, are also on-topic.

Rules

Stay on topic: All posts should be related to OpenWrt and related projects, including DD-WRT, Tomato, OpenSAN, and more!
No offensive or low-effort content: Don’t post offensive or unhelpful content. Be nice - keep it civil and friendly!
Describe images/videos, no memes: Please include a text description when sharing images or videos.
No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.
No reposts or rehosted content: Share only the original source of an article, unless it’s not available in English, behind a paywall or requires logging in (like Twitter). Avoid reposting the same topic from other sources.
No editorializing titles: You can add the author or website’s name if helpful, but keep article titles unchanged.
No piracy: Do not share links or direct people to pirated content.
No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.
No affiliate links: Posting affiliate links is not allowed.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1 user / day
1 user / week
9 users / month
119 users / 6 months
1 local subscriber
281 subscribers
30 Posts
64 Comments
Modlog