Billions of devices affected by UPnP vulnerability

Marko :)

Marko :)

Level 20
Verified
Top Poster
Well-known
Aug 12, 2015
967
SeriousHoax said:
I don't think you need UPnP unless you regularly download items from Private trackers which may require you to enable UPnP for seeding and other stuff.
Click to expand...
Some games require UPnP too.
oldschool said:
You may test here @ Gibson Research Corp.
Click to expand...
Hmm... I have it enabled in router's settings, but looks like everything is find on my end.

Screenshot_1.png
Spawn said:
People still Torrent (leechers vs seeders)? There are literally hundreds of streaming services out available.

What do you make of this UPnP and Port Forwarding, since I need the Open NAT for online games?
www.windowscentral.com

How to get Open NAT on Xbox One by enabling UPnP — and why you should

UPnP keeps your multiplayer gaming running smoothly.
www.windowscentral.com www.windowscentral.com
Click to expand...
Yes, people still torrent. Those pirate streaming sites offer movies and TV shows in low quality, constantly buffering (sometimes not working links) and without possibility to watch content with subtitles.
 
  • Like
Reactions: Stopspying, harlan4096, SeriousHoax and 1 other person
blackice

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,786
Marko :) said:
Some games require UPnP too.

Hmm... I have it enabled in router's settings, but looks like everything is find on my end.

View attachment 242571

Yes, people still torrent. Those pirate streaming sites offer movies and TV shows in low quality, constantly buffering (sometimes not working links) and without possibility to watch content with subtitles.
Click to expand...
That GRC test only shows if UPnP responds to external pings, which it shouldn't. What brand router do you have?
 
  • Like
Reactions: Stopspying, SeriousHoax, Protomartyr and 1 other person
Marko :)

Marko :)

Level 20
Verified
Top Poster
Well-known
Aug 12, 2015
967
blackice said:
That GRC test only shows if UPnP responds to external pings, which it shouldn't. What brand router do you have?
Click to expand...
It's the router I got from my ex ISP back in 2013. I mean, it's so old that company literally changed three times. ISP I got it from was bought by Telekom Austria. Then after a few years, there was migration of users to local ISP already owned by Telekom Austria company — Vipnet. And then two years ago, there was total rebranding of current ISP to A1, to match other ISP's under Telekom Austria group.

The router's brand is Telsey and the model is CPL7. You probably never heard for it; neither did I until I got it.
 
  • Like
Reactions: Stopspying, SeriousHoax, Protomartyr and 1 other person
blackice

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,786
Marko :) said:
It's the router I got from my ex ISP back in 2013. I mean, it's so old that company literally changed three times. ISP I got it from was bought by Telekom Austria. Then after a few years, there was migration of users to local ISP already owned by Telekom Austria company — Vipnet. And then two years ago, there was total rebranding of current ISP to A1, to match other ISP's under Telekom Austria group.

The router's brand is Telsey and the model CPL7. You probably never heard for it; neither did I until I got it.
Click to expand...
You are right, I have never heard of them. The one router company I know uses miniUPnP is ASUS. If you use Merlin's firmware he keeps it up to date to the latest version at all times.
 
  • Like
Reactions: Stopspying, SeriousHoax, Protomartyr and 1 other person
Marko :)

Marko :)

Level 20
Verified
Top Poster
Well-known
Aug 12, 2015
967
blackice said:
You are right, I have never heard of them. The one router company I know uses miniUPnP is ASUS. If you use Merlin's firmware he keeps it up to date to the latest version at all times.
Click to expand...
I could ask my ISP for newer router, but this one still works fine except I get only half of internet speed via Wi-Fi. 😁
 
  • Like
Reactions: oldschool and Protomartyr
blackice

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,786
Marko :) said:
I could ask my ISP for newer router, but this one still works fine except I get only half of internet speed via Wi-Fi. 😁
Click to expand...
As long as the firmware is kept up to date it should be good. A lot of vendors abandon updating firmware and closing vulnerabilities rather quickly. You may want the new one just to make sure you are getting the latest firmware updates (especially if it's of no cost to you).
 
  • Like
Reactions: Stopspying, CyberTech, bayasdev and 3 others
Marko :)

Marko :)

Level 20
Verified
Top Poster
Well-known
Aug 12, 2015
967
blackice said:
As long as the firmware is kept up to date it should be good. A lot of vendors abandon updating firmware and closing vulnerabilities rather quickly. You may want the new one just to make sure you are getting the latest firmware updates (especially if it's of no cost to you).
Click to expand...
What firmware? Since I have this router, I haven't had updated it once. As a user, don't even have an option to update it. 😂

I had to literally dig the admin password in the router source code to access admin so I could change DNS servers. There is option for updating the firmware, but it can only be updated by loading file from computer. I honestly doubt there is any new firmware for this old router.

Most of these routers ISPs give us are garbage. I heard they got some new Huawei ones (which support 802.11ac dual-band Wi-Fi) and I'm still shocked.
 
  • Like
Reactions: Protomartyr and oldschool
bayasdev

bayasdev

Level 19
Verified
Top Poster
Well-known
Sep 10, 2015
901
Let's keep an MT secret! I once telneted into a WPS vulnerable wifi network and ran a rm -rf --no-preserve-root, then nobody else was able to connect including me but the SSID was still broadcasted, it was a fiberhome/ZTE ISP router (the ISP uses the same telnet passwords for all routers).
 
  • Like
Reactions: Stopspying, Protomartyr and oldschool
You must log in or register to reply here.

Similar threads

LASER_oneXM
    • Like
277,000 routers exposed to Eternal Silence attacks via UPnP
Replies
0
Views
754
News Archive
LASER_oneXM
LASER_oneXM
silversurfer
    • Like
Critical Root RCE Bug Affects Multiple Netgear SOHO Router Models
Replies
0
Views
921
News Archive
silversurfer
silversurfer
JustInTime
    • Applause
    • +Reputation
Meet Window Snyder, the trailblazer who helped secure the internet and billions of devices
Replies
0
Views
467
News Archive
JustInTime
JustInTime

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top