UPnP Vulnerability

On Tuesday, computer security firm Rapid7 released information that it found approximately 23 million products connected to the Internet that can be completely taken over by anyone with malicious intent, and another 40 million that can be shut down remotely. The vulnerability affects 1500 vendors (including Linksys, D-Link and Netgear) and almost 7000 products (including routers, TVs, media devices, etc.). For example, if you run a Linksys WRT610N router at home and use it when connecting to the VPN at the office, someone could potentially access this router and set up a man-in-the-middle attack to capture your credentials or do whatever else they want. Because of the number of devices affected, the vendors suggest that you simply disable UPnP in your router or other devices unless you explicitly need it. You can find information on how to do this on your vendor's page.

[Figure: Rapid7 chart on UPnP. Chart courtesy of Rapid7]

More information:
http://www.kb.cert.org/vuls/id/922681
http://www.wired.com/threatlevel/2013/01/plug-n-play-security-flaws/
http://en.wikipedia.org/wiki/Man-in-the-middle_attack