• AlpacaChariot@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    9 months ago

    Yes of course I changed the root password, I think it would actually be quite difficult not to do that on OpenWrt as it warns you if the password isn’t set.

    Was the exploit not related to unifi’s remote / cloud administration features? That’s how I read it, unless they mean remote admin that was installed by the malware.

    • mark3748@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      UniFi and Edge are different product lines. UniFi uses a controller (local or cloud-based) and edge products are the more traditional interface on the device itself.

      The article clearly states that edgerouter is the affected product, which means the default password and remote admin interface were the attack vectors.

      • AlpacaChariot@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        Thanks, I find the names of Ubiquiti’s product lines pretty confusing particularly as they are often used together.

        I have an Edgerouter X, an Edgerouter PoE-5, two UAP-AC-LR (“Ubiquiti UniFi-AC-LR”) access points, and one UAP-AC-MESH (“Ubiquiti UniFi-AC-MESH”) access point.

        The access points came with UniFi firmware, whereas the routers were running EdgeOS. I’m no longer using the PoE-5 and I’ve replaced the firmware on all of the other devices with OpenWrt.