What's new

Akamai: "UPnProxy: Blackhat Proxies via NAT Injections"

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Until proven otherwise, I call BS on their list of vulnerable routers, considering that Asuswrt does not expose UPnP to the WAN, and also that it refuses to forward ports to an IP different from the one that issued the forward request.
 
Until proven otherwise, I call BS on their list of vulnerable routers, considering that Asuswrt does not expose UPnP to the WAN, and also that it refuses to forward ports to an IP different from the one that issued the forward request.

One must be careful, as the source IP can be spoofed - I'm seeing the private IP ranges as source recently on my WAN interface - likely looking to explore what might happen...
 
One must be careful, as the source IP can be spoofed - I'm seeing the private IP ranges as source recently on my WAN interface - likely looking to explore what might happen...

Would still require UPnP/SSDP to be open to the WAN.
 
Would still require UPnP/SSDP to be open to the WAN.

Probably more for other devices other than AsusWRT... Seeing a big spike there on activity on all ports

Still find it interesting that the "cloud" is working on the private IP ranges, along with Link-Local and Multicast from the WAN...
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top