What We Know

In recent days, we’ve seen virus activity taking network devices offline. In most cases, devices are reset to factory defaults. In other cases, devices are still operational, but inaccessible. The virus is using an HTTP/HTTPS exploit that doesn’t require authentication. Simply having a radio with out-of-date firmware and having its HTTP (port 80)/HTTPS (port 443) interface exposed to the Internet is enough to get infected.

Checking Your Devices

Devices running the following firmware are NOT affected:

Ensure the Safety of Your Devices

Ubiquiti takes these threats seriously and has created a patch and an Android app to diagnose and fix the problem. To check your devices and remove the virus, please use the removal tool.

Note: The tool has the ability to upgrade airMAX M series devices to airOS® v5.6.5, which completely disables custom script usage. 
If a device is inaccessible, TFTP recovery will be required to reset it to factory defaults.

For further discussions, check our community page  
or contact our support team.