Vulnerability in uPnP

Internet, Two-Way Radio Communications, WIFI, 3G, etc
Post Reply
User avatar
Zero-Fear
Loyal
Loyal
Posts: 90
Joined: Tue Nov 27, 2012 1:08 am
Contact:

Vulnerability in uPnP

Post by Zero-Fear » Wed Jan 30, 2013 9:16 am

Researchers have uncovered three sets of serious security flaws in the protocol for a component that allows computers and other devices to easily connect and communicate on a network.
The flaws were found in Universal Plug and Play (UPnP), a component that is embedded in nearly 7,000 different kinds of devices — including routers, printers, media players and smart TVs — to allow them to be easily discovered on a network for quick setup and information sharing.

The flaws would allow hackers to steal passwords and documents or take remote control of webcams, printers, security systems, and other devices that are connected to the internet.
Image

Whitepaper
https://community.rapid7.com/servlet/Ji ... wsUPnP.pdf

Vulnerability Scanner
http://www.rapid7.com/resources/free-se ... n-2013.jsp
Zero-Fear

User avatar
Nick
Respected
Respected
Posts: 182
Joined: Tue Nov 27, 2012 9:34 pm
Location: 127.0.0.1

Re: Vulnerability in uPnP

Post by Nick » Thu Jan 31, 2013 9:16 pm

And that's why I disabled uPnP when I set up networks... It's a simple question of "Do I want to have security or save 15 seconds typing in IP addresses?"

Post Reply