According to Rapid7 security team, the technology used worldwide in routers and network equipment standard allowing hackers to infiltrate potentially about 40 to 50 million units worldwide.
The vulnerability lies in the standard known as Universal Plug and Play (UPnP). This standard set of protocols for networking allows devices such as computers, printers, and access points Wi-Fi to communicate and discover their mutual presence. After discovery, devices can be connected via a network to share files, printing and the ability to Internet.In a white paper released today, researchers at security software vendor say that all UPnP can make network configuration cheaper and more efficient, it has a severe security risk.
The paper focuses on programming defects in common UPnP SSDP Discovery () implementations which can be exploited to crash the service and execute arbitrary code exposure control interface (UPnP SOAP ) private networks and programming flaws both UPnP and HTTP SOAP overall.
More than 80 million unique IP were identified that responded to discovery requests from UPnP Internet due to "incorrect configuration" SSDP Discovery Service UPnP on thousands of products. More than 73 percent of all cases discovered UPnP SSDP were obtained from only four software development kits.
In addition, the UPnP SOAP was deemed provides access to device functions that should not be permitted from untrusted networks - such as opening holes in a firewall.
Rapid7 said that the two most commonly used software libraries which are both UPnP vulnerability remotely exploitable. For example, in the case of mobile UPnP SDK, "more than 23 million IPs are vulnerable to remote code execution through a single UDP packet." A patch has been released, but it will take time before this patch is included in suppliers' products, according to the firm.
