icon

Digital safety starts here for both commercial and personal Use...

Defend Your Business Against the Latest WNY Cyber Threats We offer Safe, Secure and Affordable Solutions for your Business and Personal Networks and Devices.



WNYCyber is there to help you to choose the best service providers in Western New York... We DO NOT provide the services ourselves, as we are Internet Programmers who have to deak daily with Cyber Threats... (Ugghhh)... So we know what it's like and what it takes to protect OUR and OUR CUSTOMERS DATA... We built this Website to help steer you to those that can give you the best service at realistic and non-inflated prices. We do charge or collect any fees.

Buffalo, New York
United States

Current Threat Data

Experts Released PoC exploit for Ubiquiti EdgeRouter Flaw

Cyber Security Threat Summary:
A Proof-of-Concept (PoC) exploit for the CVE-2023-31998 vulnerability in the Ubiquiti EdgeRouter has been publicly released. The CVE-2023-31998 flaw (CVSS v3 5.9) is a heap overflow issue impacting Ubiquiti EdgeRouters and Aircubes, an attacker can exploit it to potentially execute arbitrary code and interrupt UPnP service to a vulnerable device. The flaw resides in the miniupnpd service and can be exploited by a LAN attacker. The vulnerability affects EdgeRouters 2.0.9-hotfix.6 and earlier and AirCube firmware version 2.8.8 and earlier. Vulnerability reporting firm SSD Secure Disclosure published technical details for the now patched vulnerability, its experts have developed a proof of concept that was successfully tested against another Ubiquiti device, EdgeRouter-X, whose latest firmware suffers from the same vulnerability.

Security Officer Comments:
If specific requirements are met, then an attacker can exploit the vulnerability by sending a specially crafted packet to the miniupnpd service. This packet will cause the miniupnpd service to overflow its heap memory, which could allow the attacker to execute arbitrary code on the vulnerable device. The researchers who discovered the vulnerability warn that vulnerable versions of the MiniUPnPd service may have been shipped with other networking devices. This means that it is possible that other devices, such as home gateways or 5G dongles, may be vulnerable to this attack.

The researchers also point out that the vulnerability has been fixed in commit a77d1ff9, but it was not published as a security vulnerability. This means that it is possible that other devices that are still using the vulnerable version of MiniUPnPd may not be aware of the vulnerability and may not have taken steps to mitigate it. Overall, the CVE-2023-31998 vulnerability is a serious security issue that could allow attackers to take control of vulnerable devices. Users of affected devices are advised to update their firmware as soon as possible to mitigate the risk of attack.

Suggested Correction(s):
Ubiquiti addressed the issue with the release of software updates 2.0.9-hotfix.7 or later for EdgeRouters and software version 2.8.9 or later for Aircubes. The company pointed out that it is not aware of attacks in the wild exploiting this vulnerability.

Link(s):
https://securityaffairs.com/148334/hacking/ubiquiti-edgerouter-flaw.html

Contact Us for Threat Assistance
Back to Current Threats