SSD Secure Disclosure, a company specializing in pentest and vulnerability detection, has issued a warning regarding the possibility of performing arbitrary code on Ubiquiti Edgerouter and Aircube devices. The company has identified a vulnerability of the “overflow overflow” type, which can be exploited by attackers who have access to devices with outdated software versions, even though the latest firmware updates have addressed the issue.
The vulnerability has been assigned the identifier CVE-2023-31998 and is related to Demon Miniupnpd, the component responsible for supporting the UPNP protocol. This protocol enables devices within a local network to automatically detect each other and exchange information.
According to Ubiquiti, an attacker with access to the local network can disrupt the UPNP service on a vulnerable device. SSD Secure Disclosure also highlights that the attacker could overwhelm the internal stack, potentially allowing the execution of arbitrary code.
SSD Secure Disclosure has published technical details about the vulnerability, along with a proof-of-concept (POC) exploit.
Exploits are usually classified based on the type of vulnerability they exploit, whether they are local or remote, and the resultant effect of the exploit (e.g., EOP, DOS, Spulping). One of the schemes for offering zero-day exploits is the Exploit-A-A-Service.