uPnP vulnerability
#1
Hey all,

This is something which came up for me a while back. A comp-sci graduate friend of mine suggested that using uPnP was a good way to get hacked. I thought he was probably just exaggerating, the way he usually does so I forgot about it.

Anyway today while I was browsing The Register (any other reg fans?) I came across an article on the subject. I gave it a read and while I didn't understand ALL of it, some of it made sense. And I wondered what other people out there make of it? Is is such a big deal?

Before XBMC, I had never heard of uPnP.

uPnP article on The Register 29-01-2013
Reply
#2
Different thing.
The XBMC UPnP is UPnP A/V or DLNA. Not the UPnP that opens ports etc.

A few points before this thread gets filled with people wearing aluminum caps:
* Every piece of software potentially has a bug which could cause someone to hack it. This is especially true if it listens to a network port.
* People being scared that UPnP apps incorrectly coded, don't close their ports, so the port stays open after the app is closed... This is not a security risk. If there is nothing listening on the port, nothing will happen. Even if the app has a vulnerability, if it's closed, the payload wont do anything.
* People can spend their entire lives opening and closing ports in fear of something happening. Instead of that, just make sure your software is up to date, relax, and go have a beer.


If concerned about the UPnP on your router, buy a router which supports third-party firmware such as Tomato or OpenWRT (I'm not a big fan of dd-wrt due to their developers' lack of respect for their community, but that also works). That way, your router will get updates MUCH longer than if you were to depend on the manufacturer.

As an example, this UPnP issue that you are pointing to was fixed in miniupnpd (used by Tomato and OpenWRT) about 2 years ago as I recall reading.
Reply
#3
https://www.grc.com/x/ne.dll?bh0bkyd2

Take the test and then there's a uPnP probe test once that is completed.

uNi
Reply
#4
Would also point out that most quality routers let you disable UPnP, if your router doesn't, ether flash it with custom firmware or buy a new router, simple.
Reply

Logout Mark Read Team Forum Stats Members Help
uPnP vulnerability0