CSOonline

Broadcom UPnP implementation also contains critical vulnerability, researchers say

Security researchers from Croatia-based security firm DefenseCode claim to have found a critical remote code execution vulnerability in the UPnP (Universal Plug and Play) implementation developed by ...
TechSpot

Broadcom chips with old UPnP flaw have allowed for thousands of routers to form a botnet

Why it matters: A botnet of over 100,000 devices can cause a great deal of harm with ease. In this case, mass generation of spam appears to be the goal. Router manufacturers have known about the flaw ...
Bleeping Computer

Unpatched UPnP-Enabled Devices Left Exposed to Attacks

Outdated software on UPnP-enabled devices exposes them to attacks designed to exploit a wide range of vulnerabilities found in UPnP libraries used by various daemons and servers reachable over the ...
ZDNet

How to fix the UPnP security holes

While the US Computer Emergency Readiness Team (US-CERT) specifically talks about devices that use versions of libupnp, the open-source portable software development kit (SDK) for UPnP earlier than ...
Bleeping Computer

Over 65,000 Home Routers Are Proxying Bad Traffic for Botnets, APTs

Botnet operators and cyber-espionage groups (APTs) are abusing the Universal Plug and Play (UPnP) protocol that comes with all modern routers to proxy bad traffic and hide their real location from ...