<div class="gmail_quote">Buone notizie per chi vuole divertirsi con i buchi di sicurezza :/<br><br>---------- Forwarded message ----------<br>[...]<br><br><p>Dear customers,</p><p>We contact you in order to inform that a very important vulneability has been detected on the Ubiquiti Networks devices </p>
<p>(NanoStation, Loco, Bullet, Nanobridge, Powerbridge, Powerstation, Picostation, etc ...) with the following firmware versions:</p><p> 802.11 products - AirOS v3.6.1/v4.0 (previous versions are not affected)<br> AirMax products- AirOS v5.x (all versions)</p>
<p>This vulnerability allows access to the computer without a password and a virus called Skynet can be installed in the Ubiquiti </p><p>machine, this virus acts sending messages on the traffic generated through the port: 80 (http://), redirecting traffic to certain websites </p>
<p>and saturating wireless device memory, which causes unexpected reboots.</p><p>How is the virus?</p><p>The virus is a Linux script that is installed in a hidden directory and after a reboot, begins to act.</p><p>How to detect if your computer is infected Ubiquiti?</p>
<p>Try opening the page <a href="http://wxyx/admin.cgi" target="_blank">http://wxyx/admin.cgi</a> (where wxyz is the IP address of Ubiquiti)</p><p>If the page does not open, the computer has been infected since the virus renames it adm.cgi</p>
<p>How do if my computer IS NOT INFECTED?</p><p>Immediately update their firmware version Ubiquiti equipment, you can download the lastest firmware versions that have eliminated </p><p>the vulnerability at the following address:</p>
<p><a href="http://ubnt.com/support/downloads" target="_blank">http://ubnt.com/support/downloads</a></p><p>How to proceed if my computer IS INFECTED?</p><p>There are three options:</p><p>1) Ubiquiti has pledged to launch within 24 hours, a tool to eliminate the virus in an easy and fast way.<br>
2) Reset the computer to "factory defaults" and then upgrade the firmware version.<br>3) Remove the script Skynet manually following the instructions detailed below:</p><p>Access to the computer via SSH and run the following commands:</p>
<p>rm / etc / persistent / rc.poststart<br>rm-rf. skynet<br>save<br>reboot</p><p>After removing the script skynet (virus) using the procedure, proceed to ename the file adm.cgi to the original admin.cgi and upgrade the firmware to the latest available to the team at the following address:</p>
<p><a href="http://ubnt.com/support/downloads" target="_blank">http://ubnt.com/support/downloads</a></p><p>More information Ubqiuiti forum:</p><p><a href="http://www.ubnt.com/forum/showthread.php?t=45169" target="_blank">http://www.ubnt.com/forum/showthread.php?t=45169</a></p>
</div><br>