Attack Vector Targets UPnP

US-CERT is aware of an attack vector targeting networking devices that support UPnP (Universal Plug and Play). This specific attack occurs via a maliciously crafted SWF file that is contained in a web site. When the web site is visited, changes may occur to a router's configuration via UPnP. This may allow an attacker to change any parameter on the router or device that can be set by UPnP.

US-CERT recommends that users consider disabling UPnP. (Note: Disabling UPnP may cause applications that rely on UPnP to fail or operate with reduced functionality.)

US-CERT will provide more information as it becomes available.