NEWS FROM THE LAB - Tuesday, January 29, 2013

Universal Plug and Pray Posted by Sean @ 14:57 GMT

From the files of things that really shouldn't surprise us: Rapid 7 released a white paper today on its research of the global exposure of Universal Plug and Play (UPnP) enabled network devices.

Rapid 7, Security Flaws in Universal Plug and Play

The results are impressive.

"Over 80 million unique IPs were identified that responded to UPnP discovery requests from the internet. Somewhere between 40 and 50 million IPs are vulnerable to at least one of three attacks […]. The two most commonly used UPnP software libraries both contained remotely exploitable vulnerabilities."

If you're a network administrator, be sure to check it out. Rapid 7 is offering a tool called ScanNow UPnP (which requires Java RE) that can identify exposed UPnP endpoints in your network.

Edited to add: Cert.org's Vulnerability Note VU#922681. A hat tip goes to @BrianHonan.