ricktendo Posted February 3, 2013 Posted February 3, 2013 There is a known UPnP vulnerability in some routers, its very serious and you should test your network see if you are affected (mine is O.K.) Read more: http://www.reuters.com/article/2013/01/29/us-cybersecurity-bugs-idUSBRE90S06320130129 View more: http://twit.tv/show/security-now/389 Test yourself: https://www.grc.com (go to Services > ShieldsUP! and you will find a "instant UPnP exposure test" button) Quote
mooms Posted February 3, 2013 Posted February 3, 2013 With or without my software firewall (Outpost Free), my router is safe: THE EQUIPMENT AT THE TARGET IP ADDRESSDID NOT RESPOND TO OUR UPnP PROBES! Quote
ricktendo Posted February 3, 2013 Author Posted February 3, 2013 Here is a link to an article for some (non)susceptible Linksys routers http://homekb.cisco.com/Cisco2/ukp.aspx?vw=1&articleid=28341 This reconfirms to me that I am fine (I own a E2500) Quote
crashfly Posted February 3, 2013 Posted February 3, 2013 Those who use custom firmware (such as DD-WRT) are also not affected by this security risk. Quote
ricktendo Posted February 5, 2013 Author Posted February 5, 2013 You can get a more detailed scan on this site, it tells you what version UPnP/OS your router has (needs Java) http://netalyzr.icsi.berkeley.edu/ Here is why I am not affected This device appears to run "POSIX UPnP/1.0 linux/5.60.127.2901". A device that is affected shows this This device appears to run "Linux/2.6.35.8, UPnP/1.0, Portable SDK for UPnP devices/1.6.6". This system may be vulnerable to CVE-2012-5958 and CVE-2012-5959 Portable SDK for UPnP Devices has been updated to resolve this issue Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.