Patching UniFi Against The Log4J CVE-2021-44228 Vulnerability [YouTube Release]

Additional Resources:

Dowload the updated controller here

Security bulletin

Reddit post about camera

UI Forum post about camera

Tutorial on Graylog

Connecting With Us

Lawrence Systems Shirts and Swag



Amazon Affiliate Store

All Of Our Affiliates that help us out and can get you discounts!
:shopping_cart: Affiliates We Love - Lawrence Technology Services

Gear we use on Kit
:shopping_cart: Kit

Try ITProTV free of charge and get 30% off!
:shopping_cart: Learn technology and pass IT certifications with ITProTV

Use OfferCode LTSERVICES to get 10% off your order at

Digital Ocean Offer Code

HostiFi UniFi Cloud Hosting Service
:shopping_cart: HostiFi - UniFi cloud hosting

Protect you privacy with a VPN from Private Internet Access
:shopping_cart: Buy VPN with Credit Card or PayPal | Private Internet Access

:moneybag: lawrencesystems is creating Tech Tutorials & Reviews | Patreon

:stopwatch: Timestamps :stopwatch:
00:00 UniFi Controller 6.5.54
00:47 Log4J Attack Vectors
02:07 UniFi 6.5.54 Download
02:51 UniFi Protect Cameras
03:59 UniFi Indicators of Compromise

#UniFi #Log4j #Log4Shell

Just a word… I’m seeing this in my Suricata alerts on a port that runs my Shoutcast server connection. It’s coming from a TOR relay which already gets blocked, but the ET rules are also catching the java log exploit:

ET EXPLOIT Apache log4j RCE Attempt (http ldap) (CVE-2021-44228)

So running Suricata with the ET rules might be a good idea for people that can’t patch an application. Not going to say it will be a catch all defense, but one more impediment in front of the attacker is always a good choice.

I will also say that the ET rules require a lot of exemptions to get through a normal day of work, you just have to keep on top of them as mentioned in Tom’s video on Suricata.

yes it is a double NAT, just what I have to deal with from work