The vulnerability management firm also released a free tool today that lets users scan for exposed UPnP devices and for those that are vulnerable to the attacks identified by Rapid7. The ScanNow UPnP tool is available here for download.
[Researchers and attackers catalog vulnerable systems connected to the Internet, from videoconferencing systems set to auto-answer, to open point-of-sale servers, to poorly configured database systems. See Global Scans Reveal Internet's Insecurities In 2012.]
"UPnP was intended for home use only, so hopefully most organizations won't have too many devices which support UPnP out of the box. Running a scan to be certain would be a wise move, though," Secunia's Kristensen says.
What's most disturbing, he says, is that UPnP should not be Internet-facing at all. "The risk would have been very limited if only the vendors had applied basic best practices and ensured that UPnP and similar protocols are only available in internal networks," he says.
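The scan Kristensen recommends comes down to sending the standard SSDP discovery request (an M-SEARCH to UDP port 1900) and seeing what answers. The script below is an added example written for this page; it is not Rapid7's ScanNow tool or anything from Secunia. It builds the M-SEARCH, parses the HTTP-style replies, and flags any responder whose source address is outside the RFC 1918 and loopback/link-local ranges as Internet-facing, which is the exposure the article is about. The `SAMPLE_REPLIES`, their SERVER banners, UUIDs and LOCATION URLs are constructed for the demonstration, not captured from real devices.

```python
"""SSDP (UPnP discovery) probe and response triage.

Added example, not Rapid7's ScanNow tool. Sends the standard SSDP
M-SEARCH request (UPnP Device Architecture, UDP port 1900), parses
the HTTP-style replies, and flags responders that are not on an
internal address range.
"""
import ipaddress
import socket
from typing import Dict, List, Optional, Tuple

SSDP_PORT = 1900
SSDP_MCAST = "239.255.255.250"

# Ranges on which UPnP is expected to live. Anything else answering an
# M-SEARCH is treated as Internet-facing.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16",
)]


def build_msearch(search_target: str = "ssdp:all", mx: int = 2) -> bytes:
    """Build an SSDP M-SEARCH request as specified by UPnP (CRLF headers)."""
    return (
        "M-SEARCH * HTTP/1.1\r\n"
        f"HOST: {SSDP_MCAST}:{SSDP_PORT}\r\n"
        'MAN: "ssdp:discover"\r\n'
        f"MX: {mx}\r\n"
        f"ST: {search_target}\r\n"
        "\r\n"
    ).encode("ascii")


def parse_ssdp_response(raw: bytes) -> Optional[Dict[str, str]]:
    """Parse an SSDP reply into lower-cased headers; None unless it is a 200 reply."""
    lines = raw.decode("utf-8", errors="replace").split("\r\n")
    status = lines[0].split(" ", 2)
    if len(status) < 2 or not status[0].startswith("HTTP/") or status[1] != "200":
        return None  # NOTIFY announcements, errors and junk are ignored
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        if not line:
            break  # blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def is_internal(addr: str) -> bool:
    """True if addr falls in an RFC 1918, loopback or link-local range."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)


def triage(replies: List[Tuple[str, bytes]]) -> List[Dict[str, object]]:
    """Turn (source_ip, raw_reply) pairs into review records."""
    records: List[Dict[str, object]] = []
    for src, raw in replies:
        headers = parse_ssdp_response(raw)
        if headers is None:
            continue
        records.append({
            "source": src,
            "server": headers.get("server", ""),      # vendor/stack banner
            "location": headers.get("location", ""),  # device description URL
            "st": headers.get("st", ""),
            "internet_facing": not is_internal(src),
        })
    return records


def probe(target: str = SSDP_MCAST, timeout: float = 3.0) -> List[Tuple[str, bytes]]:
    """Send one M-SEARCH to target (multicast group or a single host) and collect replies."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.settimeout(timeout)
    replies: List[Tuple[str, bytes]] = []
    try:
        sock.sendto(build_msearch(), (target, SSDP_PORT))
        while True:
            try:
                data, (src, _port) = sock.recvfrom(65535)
            except socket.timeout:
                break
            replies.append((src, data))
    finally:
        sock.close()
    return replies


# Constructed sample replies (hypothetical banners, not real captures): one from
# an RFC 1918 router, one from a non-internal address, one NOTIFY that is not a reply.
SAMPLE_REPLIES = [
    ("192.168.1.1",
     b"HTTP/1.1 200 OK\r\nCACHE-CONTROL: max-age=1800\r\n"
     b"LOCATION: http://192.168.1.1:5000/rootDesc.xml\r\n"
     b"SERVER: Linux/2.6 UPnP/1.0 ExampleIGD/1.2\r\n"
     b"ST: upnp:rootdevice\r\nUSN: uuid:0000aaaa-1111-2222-3333-444455556666::upnp:rootdevice\r\n\r\n"),
    ("203.0.113.5",
     b"HTTP/1.1 200 OK\r\nLOCATION: http://203.0.113.5:49152/desc.xml\r\n"
     b"SERVER: ExampleOS/1.0 UPnP/1.0 ExampleSDK/1.0\r\n"
     b"ST: upnp:rootdevice\r\nUSN: uuid:0000bbbb-1111-2222-3333-444455556666::upnp:rootdevice\r\n\r\n"),
    ("192.168.1.7", b"NOTIFY * HTTP/1.1\r\nNT: upnp:rootdevice\r\n\r\n"),
]

if __name__ == "__main__":
    for rec in triage(SAMPLE_REPLIES):
        print(rec)
    # Live use (only against networks you are authorised to test):
    #   for rec in triage(probe()): print(rec)            # LAN multicast
    #   for rec in triage(probe("<your-external-ip>")): ...  # from outside
```

To check a perimeter the way the article describes, run `probe()` from outside the network against the organisation's public address: any `200 OK` that comes back is a UPnP service reachable from the Internet, regardless of which stack the SERVER banner names. From inside, the multicast probe enumerates what is listening so it can be disabled or firewalled before someone else finds it.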
Rapid7's "Security Flaws in the Universal Plug and Play" white paper is available here for download.