UPnP Security Issue

There have been several media stories over the past few days concerning a security risk to UPnP-enabled devices called “CallStranger”.

https://hothardware.com/news/millions-connected-devices-vulnerable-callstranger-upnp-security-flaw

Have any knowledgeable contributors here any comments to make about this, especially in the context of our dCS systems, most of which are now reliant upon UPnP?

Pete, without going into technical details, this vulnerability depends on the UPnP protocol being enabled on the Internet-facing WAN port of your broadband gateway/router.

Just ensure your ISP-supplied broadband gateway does not have UPnP enabled, and you’re good to go. No real need to worry about the UPnP devices within your home 🙂

Technical details can be found at http://callstranger.com/index.html

1 Like

Thanks Anup. I have checked my router settings but there is no specific setting for UPnP. However, although the home media server (i.e. UPnP) is enabled, the Internet selection is labelled “MagentaCLOUD to Magentacloud”. That is not selected. Does that achieve what I need regarding this malware?

Pete, not all Broadband Gateways will have built-in UPnP capabilities. Most don’t, unless it’s an integrated Gateway/Router. So, it kind of depends on what device the ISP has chosen for their service.

As an example, my ISP (Singtel) provides an integrated Gateway/Router which has UPnP capabilities built into it, but is of course not enabled.

I’m not familiar with MagentaCloud, so I had to look it up; looks to be a Cloud back-up service offered by Deutsche Telekom. Not quite sure what that’s doing on your device.

Thanks Anup. Lots of help as always with you.

This is what I see. The Deutsche Telekom facility is easily explained - it’s a German-made router.

Yup, you should be fine since you’ve only enabled it for Media Sources from the “home network” and not from the Internet.

I’m curious though, I thought you had a Melco for UPnP Server function for your dCS Mosaic? Why’ve you enabled Media Server on this?

By the way, if you’d like to confirm that your gateway isn’t vulnerable to CallStranger, the Gibson Research Corporation has a service called “ShieldsUp” that (among other things) probes your home gateway from the Internet to check for the UPnP exposure.

https://www.grc.com/shieldsup

2 Likes

Thanks again as always.

Yes, a Melco is my server. These are just the default settings as pre-set by my ISP who supplied the router.

Got it.

Normally I would say; if it ain’t broke… In this case though, you might want to consider disabling it - every time your dCS sends a UPnP SSDP query out onto your home LAN to identify what (server) services are available, your broadband router is going to respond (along with your Melco of course). That’s just unnecessary “chatter” going on on your LAN if you ask me 😁

1 Like
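The LAN behaviour described in the post above (one SSDP query goes out and every UPnP responder answers), as an added example that is not part of the original thread: Python code that parses SSDP search replies and lists which hosts advertise a MediaServer, so a redundant one such as a router's built-in media server stands out. The function names are this example's own, and the sample replies and addresses are constructed rather than captured.

```python
import socket

SSDP_ADDR = ("239.255.255.250", 1900)  # standard SSDP multicast group and port
M_SEARCH = ("M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\n"
            'MAN: "ssdp:discover"\r\nMX: 2\r\nST: ssdp:all\r\n\r\n').encode()

def parse_ssdp_response(data):
    """Headers of one SSDP search reply, names lower-cased; {} if not a 200 reply."""
    status, *rest = data.decode("utf-8", errors="replace").split("\r\n")
    if not status.startswith("HTTP/1.1 200"):
        return {}
    pairs = (line.partition(":") for line in rest)
    return {n.strip().lower(): v.strip() for n, sep, v in pairs if sep}

def summarize(replies):
    """Group (ip, datagram) pairs into {ip: set of advertised ST values}."""
    seen = {}
    for ip, data in replies:
        h = parse_ssdp_response(data)
        if h:
            seen.setdefault(ip, set()).add(h.get("st", "?"))
    return seen

def media_servers(seen):
    """Sorted IPs of every responder that advertises a UPnP MediaServer device."""
    return sorted(ip for ip, sts in seen.items() if any(":MediaServer:" in s for s in sts))

def discover(timeout=3.0):
    """Send one M-SEARCH on the local network and collect replies until timeout."""
    replies = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(M_SEARCH, SSDP_ADDR)
        try:
            while True:
                data, (ip, _port) = sock.recvfrom(65507)
                replies.append((ip, data))
        except socket.timeout:
            return replies

# Constructed sample replies (made-up addresses, not captured traffic).
def _reply(st):
    return f"HTTP/1.1 200 OK\r\nST: {st}\r\nUSN: uuid:constructed::{st}\r\n\r\n".encode()
SAMPLE = [("192.168.2.1", _reply("urn:schemas-upnp-org:device:InternetGatewayDevice:1")),
          ("192.168.2.1", _reply("urn:schemas-upnp-org:device:MediaServer:1")),
          ("192.168.2.20", _reply("urn:schemas-upnp-org:device:MediaServer:1"))]

if __name__ == "__main__":
    print(media_servers(summarize(SAMPLE)))  # on your own LAN: summarize(discover())
```

Once the router's media server is switched off, a live run should list only the intended server.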

I’ll give your suggestion a try. After all, if I find that it causes any odd behaviour on the LAN or with devices connected to it (unlikely) I can always simply re-enable it.

1 Like

What a great resource. Thanks Anup. I was pretty sure I had disabled this sort of stuff on my gateway, but it’s nice to get external verification.

1 Like