Some Older Linksys Routers allow UPnP Configurable from the net


Recommended Posts

Some Older Linksys Routers allow UPnP Configurable from

update the firmware or disable UPnP immediately!

  Quote

Routers from various manufacturers support UPnP (Universal Plug and Play) on their WAN interfaces, which apparently makes it possible for attackers to reconfigure them remotely via the internet and, for example, misuse them as surfing proxies or to infiltrate internal LANs. The problem was discovered by IT security specialist Daniel Garcia, who has developed the Umap tool to demonstrate the problem; the tool is available to download free of charge.

Umap detects UPnP-enabled end devices such as DSL routers and cable modems on the internet by directly retrieving the devices' XML descriptions. The required URLs and ports for some models are hard-coded into the tool. This enables the software to bypass the usual restriction that only allows UPnP to search for compatible hardware via multicast in local networks. Garcia says that entire device series by Edimax, Linksys, Sitecom or Thomson (SpeedTouch) respond to UPnP requests on their WAN interfaces.

Since UPnP isn't designed to include any authentication, the XML description can always be retrieved. Garcia said that, by performing an internet scan, he managed to detect 150,000 potentially vulnerable devices within a short period of time. Once initial contact has been made, the scanner sends such UPnP commands as AddPortMapping or DeletePortMapping to the devices via SOAP requests. LAN devices usually use these commands to access the internet via NAT. However, the devices from the manufacturers in question allow the port to be opened ? and redirected to any other LAN device ? via the WAN interface. Umap attempts to guess the internal IP address that is required to do so.

http://www.h-online.com/security/news/item/UPnP-enabled-routers-allow-attacks-on-LANs-1329727.html

  On 27/08/2011 at 19:43, littleneutrino said:

been disabled for rather some time. :p

Ya but what about the millions of users of Linksys routers that just plug it in and go.

  On 27/08/2011 at 19:46, HawkMan said:

Keeping upnp on because it's convenient, and keeping the firewalls on only computers because there's no reason to not have them on.

And overly sensationalist.

What if you were behind a linksys router, had UPnP and had folder shares setup on your network. Then a guy on the net configures your UPnP to allow folder shares accessible on the net?

  On 27/08/2011 at 19:32, warwagon said:

***WARNING!*** Linksys Routers UPnP is Configurable from the net

disable UPnP immediately!

For some reason this story isn't getting much press. Personally I think this is huge. I had a hard enough time just finding a site that talked about it.

maybe because it's not that big of a deal?

  On 28/08/2011 at 05:07, Ryoken said:

Anyone that has set all their shares to public, is an idiot.

Someone wants to get on my network feel free, you'll get to see that I have shares, but that's it.

The fact a someone on the net can configure your router from the outside and even see your shares should make you feel uneasy. Regardless if they can actually open the shares,

This isn't really a huge deal, because, as it was said before, there are plenty of computers out there not even behind a router. However having your ports open for anyone on the internet isn't a good idea. You could always be caught with a slightly outdated software or exploited with a zero day.

any newb knows not to enable UPnP....</joke>

Joking aside....what a bummer! I mean, I sit behind a netgear router as my primary gateway...a linksys I'm using as a switch...then a linksys I'm using as an access point, with multiple workstations on wifi...even a ps3...and still, don't have to worry about it. Life goes on....(least, for me anyway)

There's probably a large number of people that use Linksys routers with custom firmware. Newer firmware versions have a feature that says "UPnP clients are allowed to add mappings only to their IP". I'd imagine this would protect you from the kind of vulnerability talked about in the article.

Linksys will more than likely fix this in a firmware update. But now many "Average user" upgrade the firmware of their routers?

How many "Average user" also install custom firmware?

So my guess would be we have millions of average users with linksys routers out there that are non the wiser to this issue.

basically what I am getting at is that there are fewer with this issue than you think. Many routers do not enable upnp out of the box....I believe that there are more out there that do not than there are that do. I have run into less than a handful that have had this enabled out of the box. It is the gaming users (xbox, ps3, and possibly the wii users) that have this feature enabled...perhaps being that you have more experiance on the home side than I do in recent years you see different, but I am pretty sure that you have to enable this feature on most or all routers.

  On 29/08/2011 at 20:35, sc302 said:

basically what I am getting at is that there are fewer with this issue than you think. Many routers do not enable upnp out of the box....I believe that there are more out there that do not than there are that do. I have run into less than a handful that have had this enabled out of the box. It is the gaming users (xbox, ps3, and possibly the wii users) that have this feature enabled...perhaps being that you have more experiance on the home side than I do in recent years you see different, but I am pretty sure that you have to enable this feature on most or all routers.

Having to enable it, doesn't that defeat the purpose it was created for? I can see why home user routers would be on by default, and I could also see why business class routers would have it off by default.

  On 29/08/2011 at 20:43, warwagon said:

Having to enable it, doesn't that defeat the purpose it was created for?

how so? disabled for the majority, if you need it you enable it....it is a tick just like wpa is a tick to enable.

  On 29/08/2011 at 20:46, sc302 said:

how so? disabled for the majority, if you need it you enable it.

Ya, but they are Made for the 'Home users" Home users barely know where the address bar is, let alone how to log into their router and enable UPnP :cool:

I don't disagree with. If you need it turned on its a VERY easy thing to do. For the the home user, a not such an east thing to do.

  On 29/08/2011 at 20:48, warwagon said:

Ya, but they are Made for the 'Home users" Home users barely know where the address bar is, let alone how to log into their router and enable UPnP :cool:

very true and that is why you see many routers that have no wireless security and upnp disabled because they kept the defaults.

point being that although it is a flaw, the majority isn't succumed to this flaw being that they don't even know how to get in to it to check it's ip or if it is connected to the internet. the ones who this flaw is subject to are the people who know enough to enable it for whatever reason and should be keeping up on their security and updates.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Meta is now using every possible source to power its data centers by Hamid Ganji Chip shortage is not the only obstacle hindering AI development. The insatiable thirst for electricity from data centers has caused serious problems for tech giants, to the point where they have been forced to invest heavily in purchasing nuclear power plants. However, green and renewable energy could also serve as an alternative power source for data centers. As reported by Reuters, Meta has signed four deals with Renewable energy developer Invenergy to supply 791 megawatts (MW) of solar and wind power for its data centers. This is the second green deal between Meta and Invenergy to supply renewable energy to Meta's data centers, following the firms' signing of contracts last year for 760 MW of solar electricity. According to Invenergy, the latest deal soars Meta's renewable energy purchases to 1,800 MW. The green energy will come from Invenergy's projects in Ohio, Arkansas, and Texas. While renewable energy has a more limited capacity compared to methods like nuclear power, it still holds significant potential to meet some of the data center's energy needs. Moreover, investing in renewable energy aligns with Big Tech's net-zero plans. Last year, Meta announced a request for proposals (RFP) to identify nuclear energy developers in the United States. The company plans to generate 1-4 gigawatts (GW) of new nuclear power by early 2030. Also, in June this year, Meta and energy company Constellation announced plans to revive an aging nuclear power plant in Illinois that has been shut down since 2017 due to financial losses. Meta could rely on this nuclear power plant for the next 20 years. While some major tech companies were committed to achieving net-zero emissions by 2040, the soaring power demands from AI data centers could render all those green plans obsolete. That is why these companies have called for reforms to net-zero rules, as achieving their ambitious net-zero goals by 2040 seems highly unlikely.
    • Mozilla fixes Firefox crashes on startup and other issues by Taras Buria Just two days after releasing Firefox 140 to the Release channel, Mozilla is dropping a small update to address two bugs in version 140. Firefox 140.0.1 is now available for download, addressing crashes on startup and issues with contrast in the sidebar when using dark themes (black text appears on dark backgrounds, making it impossible to read). Here is the changelog that Mozilla published in the official documentation: Fixed text contrast issues in the sidebar with some dark themes. (Bug 1971487) Fixed a startup crash experienced by some users caused by DLL injection. (Bug 1973947) You can update Firefox to the latest version by heading to Menu > Help > About Firefox. Alternatively, you can get it from the official website or the Microsoft Store (Windows 10 and 11). In case you missed it, Firefox 140 arrived on June 24. It introduced several important changes, including the ability to resize the pinned tab section when using vertical tabs (more upgrades are coming to the browser in this area), custom search engine support, tab unloading via right-click, various security fixes, and more. The update also removed the Pocket toolbar icon and the Pocket integration on the new tab page. Mozilla recently killed Pocket and Fakesport in order to focus more on its main product, the Firefox browser. You can find full release notes for Firefox 140.0.1 in our dedicated article.
    • I really don't get why Outer Worlds 2 is being brought into conversation so often. In Romania: Final Fantasy 7 Remake Part 1 launched at 80 euros on EPIC, FOUR YEARS AGO and then at 80 euros on Steam sometime later. Black Ops 6 last year? 80 euros. DOOM The Dark Ages? It launched at 80 euros. "Xbox Game Studios’ first game out of the gates with the increased price" => literally the 3rd Xbox studio title with that pricing for me. They can all get bent.
    • MSFT it's getting stupid under Satya Nadella's management. Instead of dogfooding their own technology like WinUI3 they insist in pushing this web garbage packed of copilot malware. As an old enthusiast of MSFT since 90's I'm almost becoming a hater of MSFT because of suck kind of stupid decisions like these. 1) Pushing copilot hard on it's user's thought, every time and e everywhere. 2) Instead of favoring it's own NATIVE UI framework like WinUI or .NET MAUI (poor maui) to showcase the market they are very confident about their software development tools, no they just to what's easier for them and completely ignore it's user's feedback. My guess is that pretty soon they will figure it out that AI won't be all that big thing and when they realize the colossal investments that they made on AI would better served if they invested in their own .NET frameworks.
  • Recent Achievements

    • Conversation Starter
      Kavin25 earned a badge
      Conversation Starter
    • One Month Later
      Leonard grant earned a badge
      One Month Later
    • Week One Done
      pcdoctorsnet earned a badge
      Week One Done
    • Rising Star
      Phillip0web went up a rank
      Rising Star
    • One Month Later
      Epaminombas earned a badge
      One Month Later
  • Popular Contributors

    1. 1
      +primortal
      532
    2. 2
      ATLien_0
      207
    3. 3
      +FloatingFatMan
      170
    4. 4
      Michael Scrip
      148
    5. 5
      Steven P.
      125
  • Tell a friend

    Love Neowin? Tell a friend!