Most Home Routers Vulnerable to Flash UPnP Attack

← Back to Stories (view on slashdot.org)

Most Home Routers Vulnerable to Flash UPnP Attack

Posted by CmdrTaco on Monday January 14, 2008 @01:55AM from the oh-this-will-go-well dept.

An Anonymous reader noted that some folks at GNU Citizen have been researching UPNP Vulnerabilities in home routers, and have produced a flash swf file capable of opening open ports into your network simply by visiting an unfortunate URL. Looks like Firefox & Safari users are safe for now.

6 of 253 comments (clear)

Open open... by ElGanzoLoco · 2008-01-14 02:17 · Score: 5, Funny

[...] a flash swf file capable of opening open ports into your network [...]

Hold on, now I'm confused: does this attack open open ports, or does it open ports open? Or even worse, does it open open open ports? :D

--
Hello! I'm a disaster waiting to happen!
Re:Let me be the first... by TheCRAIGGERS · 2008-01-14 02:40 · Score: 2, Funny

Firefox is safe anyway, for the time being.

Still, NoFlash... NoScript... soon I'll have to install NoImage and NoCSS. I guess it's time to go back to Gopher.
Re:Turn off UPNP by binaryspiral · 2008-01-14 03:13 · Score: 5, Funny

For most of these people, uPNP is a godsend since it eliminates the need to mess around with portforwarding in the router configuration.

If uPNP is a godsend to those people... they need to get a better God.
Re:WHERE $money; PUT $mouth by bignetbuy · 2008-01-14 04:56 · Score: 4, Funny

Challenging an anon coward...

Yeah, that'll work.
Re:Nothing new, really by mcmonkey · 2008-01-14 06:26 · Score: 2, Funny

Yup, I have seen people computers infected from msn.com

Isn't that redundant? The GP already stated,
It all hinges on going to a malicious web site.
Re:Turn off UPNP by Cramer · 2008-01-14 09:02 · Score: 4, Funny

Simple. Buy one of the new Linksys Draft-N routers and put it in 40MHz mode. It'll stomp all over them.