vulnerability

Ubiquiti Discovery Traffic Amplification

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
1	(AV:N/AC:L/Au:N/C:N/I:N/A:N)	Jan 29, 2019	Feb 4, 2019	Feb 18, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:N)

Published

Jan 29, 2019

Added

Feb 4, 2019

Modified

Feb 18, 2025

Description

The Ubiquiti Discovery (ubnt-discover) protocol suffers from allowing UDP amplification attacks,
which can be used against other assets typically in the form of distributed reflected denial of service (DRDoS) attacks.
The amplification factor for this protocol is 30-35x the size of the request.

Solution

ubnt-discover-restrict

References

https://blog.rapid7.com/2019/02/01/ubiquiti-discovery-service-exposures/
CERT-TA14-017A

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report