Network Security & Universal Plug-N-Play

by Brad Garland


Recently, Hacker News published a blurb about how network-enabled Universal Plug and Play devices have a security flaw that exposes sensitive information that would typically be hidden behind the firewall.

"Recent research from Rapid7 revealed that around 40-50 million network-enabled devices are at risk due to vulnerabilities found in the Universal Plug and Play (UPnP) protocol." Within these new devices, i.e. SmartTVs, printers, web cameras, etc., the UPnP protocol is turned on by default. To the unwatchful eye, this can typically go unnoticed, leaving your network open to a slew of attacks and loss of sensitive information.

Thankfully, in light of this recent discovery, Rapid7 has also released a free ScanNow tool to check whether your network-enabled devices may be vulnerable to such exposures.