Your Source for Leaks Around the World!

UPnP Vulnerability Exposes 50 Million Network-Enabled Devices to Be Hacked & Controlled Remotely

In News, Other Leaks, Science & Technology on February 1, 2013 at 11:15 AM


Internet users, beware: new security research has revealed that 40-50 million network-enabled device can be hacked and controlled remotely, with vulnerable products including cameras, printers and routers.

By hijacking personal devices like cameras, hackers can easily watch the every move of the device’s owner and invade the privacy of millions of users.

Internet routers that use a protocol called Universal Plug and Play (UPnP) allow network-connected devices such as computer and printers to make themselves easily discoverable, but new research by the security firm Rapid7 shows that this discoverability can be exploited by hackers.

Many routers are set to use the UPnP by default, thereby subjecting all network-enabled devices using the router to the damage that hackers are able to inflict. As many as 50 million unique devices can be exploited and about 6,900 products are vulnerable to software bugs that have already been found in three different implementations of the protocol.

Vendors including Cisco’s Linksys, Belkin, D-Link, and Netgear produce routers that make themselves and their connected devices susceptible to software bugs. At least 23 million types of connectible devices could be hijacked and permanently disabled, while others would face temporary incapacitation.

Using the discoverability of the devices, hackers could invade the network itself, regardless of any sort of firewalls that might be in place, thereby endangering personal information. Hackers could use UPnP-enabled routers and their devices to access confidential files, steal passwords, take full control of computers and access webcams, printers and other security systems.

“We never expected this much UPnP to be exposed on the Internet. The scope of the exposure just blew us away,” Rapid7’s chief security officer H.D. Moore told Forbes.

“This is the most pervasive bug I’ve ever seen,” he told Reuters, referring to the software bugs that Rapid7 discovered in most of the vulnerable devices that were tested.

Rapid7 recommends that Internet users check their routers for UPnP capabilities and disable the feature to protect their devices from being invaded by hackers. The new research also prompted CERT to issue a warning and Cisco to disseminate information about their susceptible products.

“Linksys is aware of the industry-wide UPnP library security vulnerability announced by the US CERT on January 29th,” a spokesperson wrote on the company website. “We recommend Linksys customers visit our website to understand if their home router is affected, and learn how to disable UPnP through the user interface to avoid being impacted.”

Unless Internet users take steps to ensure their network’s security, tens of millions could be at risk of having their information stolen, being watched through their own webcams, or having their devices destroyed.

Via RT

Checking for UPnP Vulnerabilities


You can run the Rapid7 Router Security Check to test your router and determine whether it is vulnerable to external attack from the Internet. If your router is NOT vulnerable, you’ll see “Congratulations! Your router did not respond to a UPnP discovery request.”

To check for internal exposure, Windows users can download Rapid7’s free ScanNow for UPnP tool. (Linux users should use the Metasploit tool instead. Mac users, look here for instructions on using Metasploit on Mac OS X.) After ScanNow completes, skip to the bottom of the page and look at the Overview of Results section. If it shows zeros under both Exploitable and Identified, you’re in good shape.

If these two checks show no vulnerabilities, you don’t need to do anything further. However, if a vulnerabilty is present, you need to turn off UPnP in your router.

  1. […] UPnP Vulnerability Exposes 50 Million Network-Enabled Devices to Be Hacked & Controlled Remotely ( […]

  2. Thank you a lot for sharing this with all of us
    you really realize what you’re talking about! Bookmarked. Kindly additionally consult with my web site =). We may have a hyperlink change contract among us

  3. […] UPnP Vulnerability Exposes 50 Million Network-Enabled Devices to Be Hacked & Controlled Remotely ( […]

  4. […] UPnP Vulnerability Exposes 50 Million Network-Enabled Devices to Be Hacked & Controlled Remotel… […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: