Think your wireless network is secure? You may be a bit overconfident given the latest warning from researchers on the vunlerability of netorking equipment using the UPnP (Universal Plug and Play) standard. Security software maker Rapid7 found that as many as 50 million devices are vulnerable to attack via one of three possible sets of problems in findings they call ‘scary’. This impacts all the major hardware players so just because you dropped large coin on your equipment doesn’t mean you are safe. The security holes could allow hackers access to any number of pieces of confidential information should they expliot the vulnerability and they recommend disabling the UPnP until this is resolved. Bear in mind that for most hardware, this functionality is on by default. Rapid7 has released a tool that will help identify impacted devices on their website.
The problem lies in computer routers and other networking equipment that use a commonly employed standard known as Universal Plug and Play or UPnP. UPnP makes it easy for networks to identify and communicate with equipment, reducing the amount of work it takes to set up networks.
Security software maker Rapid7 said in a white paper to be released Tuesday that it discovered between 40 million and 50 million devices that were vulnerable to attack due to three separate sets of problems that the firm’s researchers have identified with the UPnP standard