UPnP vulnerability checker available

Rapid7, best known in the security community for Metasploit, recently published research indicating that an estimated 40-50 million network enabled devices are at risk due to vulnerabilities in the UPnP protocol. UPnP allows you to simplify the process of connecting to and configuring network connected devices.

Rapid7 has published a utility that you can use to scan for UPnP vulnerabilities on your network.

Given the vulnerabilities involved and the difficulty in automatically updating the software on the types of devices that would be vulnerable, you should strongly consider disabling UPnP functionality on any devices that you detect as vulnerable. Disabling UPnP won’t stop you from being able to use the device for its intended function, but it will require you to perform some configuration tasks that you performed automatically using a more involved manual process.

Please or Register to post comments.

What's Hyperbole, Embellishment, and Systems Administration Blog?

IT pro Orin Thomas provides true tales, snafus, news, and urban legends for Microsoft Windows system administrators.


Orin Thomas

Orin Thomas is a contributing editor for Windows IT Pro and a Windows Security MVP. He has authored or coauthored more than thirty books for Microsoft Press, founded the Melbourne System Center,...
Blog Archive

Sponsored Introduction Continue on to (or wait seconds) ×