Rapid7, a security firm specializing in vulnerability management and penetration testing software, released a whitepaper detailing their research that reveals the security flaws in UPnP protocol that puts millions of network-enabled devices are at great risk, and strongly recommend people to check and disable UPnP protocol in any affected devices.
What is UPnP, exactly?
UPnP, stands for Universal Plug and Play, is a set of networking protocol that allows IP-based network devices, such as PC, printers, router, Wi-Fi access point, mobile devices, to seamlessly discover each other to establish an effortless connection for data sharing, communication, etc. If you are not familiar with the terminology, you can simply think of it similar to the term plug-and-play which basically is the technology that powers those USB devices that we all use on daily basis. Sounds pretty good, but unfortunately, it also allows things like XBoxes to place a back door that could lead to an attack by the remote intruders.
How many are affected?
UPnP protocol is enabled by default on millions of network devices, including those computers that run on Windows, Mac OS X, and many distributions of Linux. According to the research report, there are around 40-50 million devices vulnerable to this security flaw. More specifically, 81 million unique IP addresses respond to UPnP discovery requests, 20% of which can allow an attacker to target their system behind the firewall. Note that, 81 million is a number that is slightly more than all IPs allocated to Canada.
How can we tell if we are vulnerable?
Fortunately, Rapid7 also released a free scanning tool called ScanNow that targets to this UPnP check. You can scan your router or any devices on your network right from online by clicking on Scan My Router button to find out if you are immune to this threat. You can also download its portable version and run it on as many computer as you like.
If unfortunately it discovered that your router is affect to this vulnerability, you should take action now either disabling UPnP on the device or replacing with one that has UPnP disabled if disabling doesn’t seem to work.