SN 854: Anatomy of a Log4j Exploit

Beep boop - this is a robot. A new show has been posted to TWiT…

What are your thoughts about today’s show? We’d love to hear from you!

Just tested my routers, all stealthed, which I expected.

I am using my AVM Fritz!Box in passthru mode anyway and I have a Ubiquti Unifi Secure Gateway behind it…

1 Like

Also ran the test, but on my Asus router. All good… So far till the next issue crops up.

Started the final season of the expanse. :grin:

1 Like

Ubiquiti updated everything last month. I think their controller/Cloud Key used Log4j.

Ahh, no log4j on my baby Asus router. Latest release for my router lists the following:

Firmware version

  • Release Note -

Bug Fixes and Enhancements:

  1. Fixed XSS vulnerability
  2. Fixed SQL injection vulnerability
  3. Fixed PLC path traversal vulnerability
  4. Fixed Stack overflow vulnerability
    Thanks to HP of Cyber Kunlun Lab