Security Flaws Found in UPnP

By

Potential risk of network-enabled devices discovered by Rapid7 research.

Recent research conducted by Rapid7 reveals that 40 to 50 million network-enabled devices are potentially at risk from vulnerabilities found in the Universal Plug and Play (UPnP) protocol.

UPnP allows network-enabled devices such as as routers, printers, media players, and network-attached storage devices to communicate with each other. The whitepaper from Rapid7 examines three groups of security flaws relating to UPnP that could lead to a remote compromise of vulnerable devices.

In a blog post about the findings, HD Moore, Rapid7’s Chief Security Officer, stated, “All told, we were able to identify over 6,900 product versions that were vulnerable through UPnP. This list encompasses over 1,500 vendors and only took into account devices that exposed the UPnP SOAP service to the internet, a serious vulnerability in itself.”

UPnP’s security flaws could allow hackers to gain access to files and passwords and remotely access webcams, printers, and security systems. Rapid7 is advising users, companies, and ISPs to take immediate action in identifying and disabling any Internet-exposed UPnP endpoints in their environments.

Rapid7 has released a free tool called ScanNow UPnP to help identify those devices. Read more about the research with the company’s whitepaper.

01/31/2013
comments powered by Disqus