"Michael Mimoso 2015-09-01 13:11

Security vulnerabilities in UPnP continue to crop up and continue to put millions of home networking devices at risk for compromise.
The latest was revealed in early August, but prompted an advisory yesterday from the DHS-sponsored CERT,
at the Software Engineering Institute at Carnegie Mellon University.
It’s called Filet-o-Firewall and it combines a number vulnerabilities and weaknesses in routing protocols and browsers,
conspiring to expose networked devices behind a firewall to the open Internet.

The primary target is the UPnP service running on commodity home routers, and according to the advisory and research disclosed by researcher Grant Harrelson, attacks can happen in fewer than 20 seconds and any router running UPnP is at risk.

"
Full story: https://threatpost.com/upnp-trouble-...t-risk/114493/


Yet another good reason to disable UPnP....