us homeland security alert – design weakness of universal plug and play – 9th jun 2020

Preface: Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi …

Review historical event: Mirai is an IoT botnet that was designed to exploit vulnerabilities in IoT devices for use in large-scale DDoS attacks.In September 2016, the Mirai malware launched a DDoS attack. A massive attack causes the domain registration services provider (Dyn) interrupted the services in October 2016.

Design weakness on universal plug and play: The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

Concerns by security expert: The attacker can send a specially crafted HTTP SUBSCRIBE request to the vulnerable devices. Meanwhile, An it could utilize this vulnerability to conduct a DDoS attack. For more details, please refer offical articles in the following url – https://www.kb.cert.org/vuls/id/339275

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.