Rapid7 Uncovers Shocking Flaws in Universal Plug and Play

Computer security firm Rapid7 has discovered and outlined three sets of security flaws in Universal Plug and Play (UPnP), a component that allows devices to connect and communicate on networks. “The flaws would allow hackers to steal passwords and documents or take remote control of webcams, printers, security systems, and other devices that are connected to the Internet,” reports Wired.

UPnP is installed in almost 7,000 devices ranging from routers and printers to smart TVs. Rapid7 says 40 to 50 million devices are vulnerable to attack. The firm says that although such attacks are currently time consuming to execute, it expects attack tools to be available soon.

“Rapid7 says there are fixes available for the software libraries to fix the vulnerabilities, but each device manufacturer that is affected would have to build updates for each of its products to fix the flaws,” explains Wired. “Rapid7 and the U.S. government are urging users to disable UPnP or use devices that avoid it entirely.”

“The results were shocking to the say the least,” notes the Rapid7 blog post. “Over 80 million unique IPs were identified that responded to UPnP discovery requests from the Internet. Somewhere between 40 and 50 million IPs are vulnerable to at least one of three attacks outlined in this paper. The two most commonly used UPnP software libraries both contained remotely exploitable vulnerabilities. In the case of the Portable UPnP SDK, over 23 million IPs are vulnerable to remote code execution through a single UDP packet. All told, we were able to identify over 6,900 product versions that were vulnerable through UPnP.”