Dangerous Vulnerability? Some Routers Bad UPnP Authentication

This is the problem with some security issues(complicated technical issues that require expertise to fix):

http://www.kb.cert.org/vuls/id/361684

Home routers implementing the UPnP protocol do not sufficiently randomize UUIDs in UPnP control URLs, or implement other UPnP security measures.

routervendor-unknowneffects

This attack has the beginnings of a potential problem, some vendors have sufficient protection built-in:

Some vendors have reported that their devices randomize the UUID in the Control URL, making guessing the correct URL much more difficult, but many vendors have not taken this action. For more information, see the Vendor Information section below. It is currently unclear how widespread the deployment of UPnP security standards is in these devices.

 

 

The person who found this vulnerability also created a website aptly named:

http://www.filet-o-firewall.com/

The best way to solve this problem is to Disable UPnP

The website has a few images to help with the

filetofirewallvulnerabilityimages

The website has a proof of concept code and videos of attack samples.

 

 

If you can disable UPnP on your routers.

Here is some more info on UPnP:

http://upnp.org/index.php/sdcps-and-certification/standards/device-architecture-documents/

 

Let us know if you need help:

http://oversitesentry.com/contact-us/

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.