UPnP vulnerability

If your problem doesn't fall into one of the other categories, report it here.

Moderator: Moderators

Post Reply
User avatar
Urgje
Posts: 45
Joined: Fri Sep 02, 2011 4:32 am
Location: The Netherlands

UPnP vulnerability

Post by Urgje »

Hi all,

Recently I've been reading a couple of alarming messages about a widespread UPnP vulnerability.
See here:
https://community.rapid7.com/community/ ... -dont-play

What I'm wondering about; is Gargoyle (running version 1.4.7. firmware on my NetGeart WNDR3700v2 here) vulnerable to this too? Or has this been plugged already?

Urgje
Urgje (Netgear WNDR3700v2 / Gargoyle 1.4.7)
[my ego shrank while growing up]

pbix
Developer
Posts: 1373
Joined: Fri Aug 21, 2009 5:09 pm

Re: UPnP vulnerability

Post by pbix »

OpenWRT and Gargoyle use miniupnpd v1.6. According to the Rapid7 and this thread http://www.linuxquestions.org/questions ... 175447803/ all security holes in miniupnpd were fixed by v1.4.

So I am not thinking there is a problem with modern versions of Gargoyle. Perhaps someone else would care to comment if they think I am wrong.

But Gargoyle users should be aware the security holes in upnp are found from time to time and as such it is not favored by the most security conscious of IT professionals. If this is the most recent on then the last security hole found in miniupnpd was in 2009. I wish the rest of our software could say the same.

UPNP is disabled by default in Gargoyle and users will need to make up their own minds about whether to enable it or not.

In my view this is a case study in why you should use open source firmware on your router. As mentioned in the report most stock firmware is no longer being updated so if you have a router with a vulnerability you are simply stuck unless you can install something like Gargoyle on it to close the hole.

Thanks for the post, it reminds everyone to be vigilant.
Linksys WRT1900ACv2
Netgear WNDR3700v2
TP Link 1043ND v3
TP-Link TL-WDR3600 v1
Buffalo WZR-HP-G300NH2
WRT54G-TM

User avatar
Urgje
Posts: 45
Joined: Fri Sep 02, 2011 4:32 am
Location: The Netherlands

Re: UPnP vulnerability

Post by Urgje »

Hi pbix,

Thanks for taking the time for your extensive reply.

Good to hear (and see from running the UPnP Exposure Test on GRC.com [https://www.grc.com/x/ne.dll?rh1dkyd2]) that Gargoyle and the version of miniupnp it is running, are safe.

And about everyone once more learning to be vigilant. Security begins and ends with the user, I always teach people.
Urgje (Netgear WNDR3700v2 / Gargoyle 1.4.7)
[my ego shrank while growing up]

Post Reply