CVE-2024-54750 identifies a critical security vulnerability in the Ubiquiti U6-LR wireless access point firmware version 6.6.65. The vulnerability stems from a hardcoded password embedded in the /etc/shadow file, which is used by Unix-like systems to store hashed user passwords. This hardcoded credential allows attackers to authenticate as the root user without any prior authentication or user interaction, granting full administrative control over the device. The vulnerability is classified under CWE-798 (Use of Hard-coded Credentials), a well-known security weakness that can lead to complete system compromise. Although Ubiquiti asserts that the hardcoded password is only present before device setup and thus not a vulnerability post-setup, this does not eliminate the risk during the initial configuration phase or if the device is reset to factory defaults. The CVSS v3.1 base score of 9.8 reflects the critical nature of this flaw, highlighting its network attack vector, low attack complexity, no privileges required, no user interaction, and high impact on confidentiality, integrity, and availability. No patches or updates have been published at the time of disclosure, and no exploits have been reported in the wild, but the potential for exploitation is significant given the ease of access and control it provides.

The impact of CVE-2024-54750 is severe for organizations deploying Ubiquiti U6-LR devices, especially in enterprise, government, and critical infrastructure environments. An attacker exploiting this vulnerability can gain root-level access remotely, allowing them to manipulate device configurations, intercept or redirect network traffic, deploy malware, or use the device as a pivot point for further network intrusion. This compromises the confidentiality of sensitive data, the integrity of network operations, and the availability of wireless services. The vulnerability could facilitate espionage, data theft, service disruption, or persistent backdoor installation. Given the widespread use of Ubiquiti devices globally, the threat extends to any organization relying on these access points for wireless connectivity, including ISPs, corporate networks, educational institutions, and public Wi-Fi providers. The lack of a patch increases the window of exposure, making proactive mitigation critical to reduce risk.

1. Immediately isolate affected Ubiquiti U6-LR devices running firmware 6.6.65 from untrusted or public networks to prevent unauthorized access. 2. Avoid using factory-reset or uninitialized devices in production environments until the vulnerability is addressed. 3. Monitor network traffic and device logs for unusual authentication attempts or root access activities. 4. Implement network segmentation to limit the impact of a compromised device and restrict administrative access to trusted management networks only. 5. Contact Ubiquiti support for guidance and watch for official firmware updates or patches addressing this vulnerability. 6. Consider deploying alternative wireless access points from vendors without known hardcoded credential issues if immediate patching is not feasible. 7. Employ multi-factor authentication and strong network access controls where possible to reduce the risk of lateral movement post-compromise. 8. Maintain an incident response plan tailored to network device compromises to rapidly contain and remediate potential breaches.