Anscheinend gibt es eine Sicherheitslücke in der IPS/IDS Engine der UDM/Pro.
Ich vermute mal das auch die USGs betroffen sind, dazu findet man aber keine Äußerung
ZitatAlles anzeigen
Hello All,Ubiquiti will update the Suricata version soon. However, it is important to register that currently, the scope of this vulnerability is a bypass on the ips/ids engine. Meaning even with a high score, it does not mean someone will hack/takeover your UDM.
It means that if something in your network is vulnerable and attacked using this bypass, IPS/IDS may not detect/block based on its signature.
u/XNSYS, you said you could crash IPS/IDS with this vulnerability. Can you prove that? If you can, please send a report to hackerone.com/ui and you will be well rewarded.
MAJOR Security problem with IPS/IDS and the Dream Machine 1.11.0 FW.
Hello All, Ubiquiti will update the Suricata version soon. However, it is important to register that currently, the scope of this...
www.reddit.com