Wednesday, 2 September 2015

UPnP Routers Lets You Customize Firewall Attacker

The Universal Plug and Play (UPnP) protocol to make it easier for devices to communicate with each other and connect, but an unknown number of routers, the security is not well regulated, so an attacker can open quietly ports in the firewall or access to the router can get.

Before that warns the CERT Coordination Center (CERT / CC) at Carnegie Mellon University. The UPnP protocol was originally developed for private networks and uses standard therefore no authentication. Later it was decided to draw up a UPnP security standard set yet, but this support is very limited. Because of the lack of security could allow an attacker with access to the private network via UPnP access to the router and to prepare for open ports or services that enable the network to be attacked further.

Although the UPnP problems that the CERT / CC warns alone can be attacked via private networks, it is also possible from the internet here to access it. Via a dedicated website, an attacker, with Chrome and Firefox users who have enabled JavaScript, that any UPnP requests sent to the firewall and thus the network further attacks. The "Filet-O-Firewall"vulnerability has already been demonstrated in early August, but now the CERT / CC decided to issue a warning.

As a solution, users advised to not open unknown links, UPnP off, implement the latest UPnP standards or to the UPnP control arbitrary URL, so that can not be guessed by an attacker. Which models and manufacturers are vulnerable is unknown, but according to the discoverer of the problem involves a "vendor independent vulnerability".

No comments:

Post a Comment