UPnP vulnerability lets attackers steal data, scan internal networks

2020-06-09 13:24

A vulnerability in Universal Plug and Play, which is implemented in billions of networked and IoT devices - personal computers, printers, mobile devices, routers, gaming consoles, Wi-Fi access points, and so on - may allow unauthenticated, remote attackers to exfiltrate data, scan internal networks or make the devices participate in DDoS attacks.

About UPnP. UPnP is a set of networking protocols that allows networked devices to automatically discover and interact with each other when on the same network.

"The vulnerability is caused by Callback header value in UPnP SUBSCRIBE function can be controlled by an attacker and enables an SSRF-like vulnerability which affects millions of Internet facing and billions of LAN devices," Çadırcı explained.

More technical details are available here but, in short, the vulnerability can be used to bypass DLP and network security devices to exfiltrate data, scan internal ports, and force millions of Internet-facing UPnP devices to become a source of amplified reflected TCP DDoS. What now?

"Home users are not expected to be targeted directly. If their internet facing devices have UPnP endpoints, their devices may be used for DDoS source," he added.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/e4Czb4iNAb4/

#stealdata #upnp #vulnerability