New Member

Ubiquiti Discovery Protocol Information Disclosure

Hi,

I heard about the information disclosure, including local subnet details, that could affect some Ubiquiti products and noted that there were some UniFi products on the list, i.e. APs.

https://blog.rapid7.com/2019/02/01/ubiquiti-discovery-service-exposures/

Could you confirm if the USG is potentially at risk from this kind of information disclosure attack?

If so, can this be mitigated in configuration?

Thanks


Ubiquiti Employee

Re: Ubiquiti Discovery Protocol Information Disclosure

No UniFi devices reply to that traffic when adopted. USG has never replied WAN-side to that in a default state either.

In factory default state on many-years-outdated firmware, a UAP could respond if UDP 10001 was port forwarded to it, or if the AP has a public IP directly assigned (both nearly non-existent circumstances, hence the tiny numbers relative to the millions of them out there). Newer firmware versions won't reply to a public IP in default state.

New Member

Re: Ubiquiti Discovery Protocol Information Disclosure

Thanks for the reply. I expected that to be the case, but it never hurts to double check.

New Member

Re: Ubiquiti Discovery Protocol Information Disclosure

Can USG devices act in the DDoS scheme described in the press? Or is it EdgeRouter and other items that are affected?

Here, EdgeRouter people are being told to shut off discovery...

https://community.ubnt.com/t5/EdgeRouter/UDP-broadcasts-on-port-10001/m-p/461233#M10582

This is the supposed workaround to the UDP port amplification attack. All in all, not a security risk to us, but since many are on limited traffic bandwidth, the amplified output counts toward our quota. Not to mention we involuntarily participate in these DDoS nets.

Ubiquiti Employee

Re: Ubiquiti Discovery Protocol Information Disclosure

USG does not reply to that traffic at all, so the amplification is irrelevant even if you opened up 10001 on your WAN_LOCAL rules. It would just be ignored.
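As an added example that is not code from this thread or from Ubiquiti, the Python script below scans USG/EdgeOS-style firewall log lines for inbound UDP/10001 discovery probes arriving on the WAN interface, tallies them per source, and flags any source whose probes a WAN_LOCAL rule accepted rather than dropped. That is the check a practitioner would run to confirm the situation described above on their own gateway: whether the probes are arriving at all, and whether the firewall is letting them through to the device. The iptables-style log format, the interface name `eth0`, the rule names, and every address (RFC 5737 documentation ranges) are constructed assumptions.

```python
import re
from collections import Counter

# Constructed sample lines in an assumed EdgeOS/USG iptables-style log format.
# None of these lines come from the thread; addresses are documentation ranges.
SAMPLE_LOG = """\
Feb  5 10:01:22 usg kernel: [WAN_LOCAL-default-D]IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=198.51.100.2 LEN=32 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=UDP SPT=40123 DPT=10001 LEN=12
Feb  5 10:01:23 usg kernel: [WAN_LOCAL-default-D]IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=198.51.100.2 LEN=32 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=UDP SPT=40124 DPT=10001 LEN=12
Feb  5 10:01:40 usg kernel: [WAN_LOCAL-default-D]IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.55 DST=198.51.100.2 LEN=32 TOS=0x00 PREC=0x00 TTL=48 ID=0 DF PROTO=UDP SPT=1337 DPT=10001 LEN=12
Feb  5 10:02:05 usg kernel: [WAN_LOCAL-default-D]IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.9 DST=198.51.100.2 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=12345 DF PROTO=TCP SPT=51000 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
Feb  5 10:02:31 usg kernel: [WAN_LOCAL-2000-A]IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=198.51.100.2 LEN=32 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=UDP SPT=40125 DPT=10001 LEN=12
Feb  5 10:03:00 usg kernel: [LAN_IN-default-A]IN=eth1 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.168.1.20 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=10001 DPT=10001 LEN=12
"""

# "[RULESET-RULE-ACTION]" prefix, where ACTION is A (accept) or D (drop).
PREFIX_RE = re.compile(r"\[([A-Za-z0-9_]+)-([A-Za-z0-9_]+)-([AD])\]")
# KEY=VALUE tokens; bare flags such as DF or SYN carry no "=" and are skipped.
FIELD_RE = re.compile(r"([A-Z]+)=(\S*)")


def parse_line(line):
    """Return the firewall fields of one log line, or None if it is not a firewall line.

    LEN appears twice (IP header and UDP header); the last value wins, which is fine
    because this tool never relies on it.
    """
    m = PREFIX_RE.search(line)
    if not m:
        return None
    ruleset, rule, action = m.groups()
    fields = dict(FIELD_RE.findall(line[m.end():]))
    fields.update({"RULESET": ruleset, "RULE": rule, "ACTION": action})
    return fields


def discovery_probes(lines, wan_iface="eth0", port="10001"):
    """Summarise inbound UDP discovery probes that hit the WAN interface.

    Returns (per_source, accepted): per_source maps SRC -> number of probes seen,
    accepted is the sorted list of sources whose probes a rule ACCEPTED (action A),
    i.e. traffic the firewall let through to the device rather than dropping.
    """
    per_source = Counter()
    accepted = set()
    for line in lines:
        f = parse_line(line)
        if f is None:
            continue
        # Only WAN-side UDP to the discovery port is of interest; LAN broadcasts
        # on the same port are normal controller/device discovery traffic.
        if f.get("IN") != wan_iface or f.get("PROTO") != "UDP" or f.get("DPT") != port:
            continue
        per_source[f["SRC"]] += 1
        if f["ACTION"] == "A":
            accepted.add(f["SRC"])
    return per_source, sorted(accepted)


if __name__ == "__main__":
    counts, let_through = discovery_probes(SAMPLE_LOG.splitlines())
    print("inbound UDP/10001 probes on WAN, by source:")
    for src, n in counts.most_common():
        print(f"  {src:<16} {n}")
    if let_through:
        print("sources ACCEPTED by a WAN_LOCAL rule (review those rules):", ", ".join(let_through))
    else:
        print("all probes were dropped at the WAN_LOCAL firewall")
```

Sources that show up under "ACCEPTED" indicate a WAN_LOCAL rule opening the port, which is worth reviewing even on a device that, per the reply above, ignores the traffic; the per-source counts also give a rough picture of how much unsolicited probing is landing on a metered link.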