Yesterday, some pretty serious flaws in a widely-used networking standard were uncovered. Researchers from security firm Rapid7 dug up various failings in Universal Plug and Play (UPnP), affecting tens of millions of Internet-connected devices, from Cisco and Netgear networking kit, to printers and IP CCTV cameras.
Rapid7 found 80 million public IP addresses responded to UPnP requests, effectively opening the door for attackers trying to find vulnerable systems.
It only seems inevitable systems will be hacked exploiting these weaknesses, if they haven’t been already. But to know your enemy is to be better prepared against their attacks. IT teams would do well to understand where hackers are looking for holes in UPnP.
We caught up with chief security officer of Rapid 7, HD Moore, who also created the Metasploit penetration testing tool, and now serves as Metasploit’s chief architect.
Moore told us how attacks would go down…
“To exploit these vulnerabilities, the attacker would first need to identify systems running vulnerable UPnP services. UPnP makes this easy by providing a discovery service over UDP port 1900.
“The attacker can use a number of standard tools to scan the target network and identify the IP addresses and software version of any UPnP enabled system.
“At this point, they would have a few options available:
“To summarise, there are three paths an intruder could take:
“If the attacker is able to compromise the device using the UPnP discovery or SOAP services, they would be able to steal data, sniff traffic, and target other systems on the network. In the case of home routers, they would be able to force users accessing the internet to visit a page laden with malware instead of their real destination.”
Think you know security? Test yourself with our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…