Separate names with a comma.
Discussion in 'Security' started by Chiefcrowe, Jan 29, 2013.
Hmm, UPnP has been a huge security problem since it was introduced, but the fact that its accessible/exploitable from the public internet is astonishing. I wonder how many routers will respond to UPnP commands, even when UPnP is 'disabled'. Some routers sill respond to WPS even when its 'disabled'.
Wow, I wonder if the UPnP code used by Tomato and DD-WRT is vulnerable or not? At least, if it is, it's sure to be fixed fairly quickly.
hmm... tool to detect if your UPnP is affected requires another affected software...
Cant say im inclined to install Java just to run this tool.
Mini-UPnP is supposedly safer from version 1.4 on.
1.0 release has been the main culprit, and is probably on both those distributions.
As long as you don't run the UPnP on the external interface, you should be safe though.
Here's a list (undoubtedly not definitive) of more affected routers and devices:
Tons of brands listed there, skim down for yours.
On a similar note, D-Link has some routers that are vulnerable to rooting and code execution by unauthenticated attackers. More info here: http://news.softpedia.com/news/Vuln...ackers-to-Execute-Malicious-Code-327246.shtml
Wow. Guess I know one brand to never consider buying... :hmm:
Google grc shields up. The site has the ability to check your UPnP router vulnerability. No download required.
I went to that site since I last used to to check for open ports on a Vista Firewall behind a Netgear router and it showed up clean....
It might be because I went through the router settings and made sure to turn off things that I didn't need. UPnP might have been one of then.
I also have the UPnP service set to disabled as well.
It looks like most open source implementations are affected. There's a thread on the DD-WRT forum about it. I don't know about tomato but I don't think it will be patched for the freely distributed dd-wrt very soon.
Rapid7's scan said my Tomato USB router is protected.