UPnP Problems

upnpInformation security firm Rapid7 released research that they’ve conducted about security issues in devices that support UPnP (Universal Plug and Play). What they’ve found is that a large number of devices that are exposed on the internet are vulnerable to a small number of problems.

80 million IP addresses responded to UPnP discover requests, and of those devices, 40-50 million of them are vulnerable to a known attack. The reason why this is so widespread is that even though there are a large number of devices that support UPnP, there are only a handful of libraries that do. Most vendors don’t write their own UPnP support, but rather simply plug in a library.¬†There were over 6,900 product versions that were found to be vulnerable through UPnP. This list encompasses over 1,500 vendors and only took into account devices that exposed the UPnP SOAP service to the internet.

Some of the vulnerabilities that were searched for have since been fixed in the affected libraries. However, because of the nature of embedded devices and the difficulties of update the firmware, the affected devices will continue to contain these vulnerabilities for a long time.