Posted February 3, 201312 yr There is a known UPnP vulnerability in some routers, its very serious and you should test your network see if you are affected (mine is O.K.) Read more: http://www.reuters.com/article/2013/01/29/us-cybersecurity-bugs-idUSBRE90S06320130129 View more: http://twit.tv/show/security-now/389 Test yourself: https://www.grc.com (go to Services > ShieldsUP! and you will find a "instant UPnP exposure test" button)
February 3, 201312 yr With or without my software firewall (Outpost Free), my router is safe: THE EQUIPMENT AT THE TARGET IP ADDRESSDID NOT RESPOND TO OUR UPnP PROBES!
February 3, 201312 yr Author Here is a link to an article for some (non)susceptible Linksys routers http://homekb.cisco.com/Cisco2/ukp.aspx?vw=1&articleid=28341 This reconfirms to me that I am fine (I own a E2500)
February 3, 201312 yr Those who use custom firmware (such as DD-WRT) are also not affected by this security risk.
February 5, 201312 yr Author You can get a more detailed scan on this site, it tells you what version UPnP/OS your router has (needs Java) http://netalyzr.icsi.berkeley.edu/ Here is why I am not affected This device appears to run "POSIX UPnP/1.0 linux/5.60.127.2901". A device that is affected shows this This device appears to run "Linux/2.6.35.8, UPnP/1.0, Portable SDK for UPnP devices/1.6.6". This system may be vulnerable to CVE-2012-5958 and CVE-2012-5959 Portable SDK for UPnP Devices has been updated to resolve this issue
_14e30a.png)
_8126ce.png)
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.