Ubiquiti Unifi Log4Shell RCE
Description
Ubiquiti UniFi Network Application is affected by the Log4Shell vulnerability (CVE-2021-44228), a critical remote code execution flaw in the Apache Log4j library. This vulnerability allows attackers to execute arbitrary code by sending specially crafted strings that are logged by the application, enabling complete system compromise without authentication.
Remediation
Immediately upgrade the UniFi Network Application to version 6.5.55 or later, which addresses the Log4Shell vulnerability by updating the Log4j library to a patched version.
Remediation steps:
1. Back up your current UniFi Network Application configuration and database
2. Download UniFi Network Application version 6.5.55 or newer from the official Ubiquiti website
3. Follow the upgrade procedure appropriate for your deployment platform (Windows, Linux, macOS, or UniFi OS)
4. Verify the upgrade was successful by checking the application version in the settings
5. Review system logs for any suspicious activity that may have occurred prior to patching
As an interim mitigation if immediate patching is not possible, restrict network access to the UniFi controller to trusted IP addresses only and monitor for exploitation attempts.