[WXC/VFX] UPnP available WAN-side and not blocked by XNet

✨ Quic broadband | Apple TV | Samsung | AliExpress | Wise | Sharesies

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Forums › One NZ (including Farmside) › [WXC/VFX] UPnP available WAN-side and not blocked by XNet

Guf

4 posts

Wannabe Geek

#114301 15-Feb-2013 09:22

Send private message

http://watchguardsecuritycenter.com/2013/01/31/h-d-moore-unveils-major-upnp-security-vulnerabilities/

http://www.grc.com/securitynow.htm#389

81 million publically routable IPv4 endpoints have UPnP (which only makes sense LAN-side) open on the WAN side, and worse, most of those have a copy of the reference implementation with next to no security in it, thereby allowing a single UDP packet over 1900 to take over the router.

XNet's previously recommended hardware is among those affected, in particular the WAG310G, which also looks like it might also have it's admin portal open WAN-side too!

Various honeypot machines are seeing a daily increase in probes against this port - the threat is very real and definitely increasing!

Use the ShieldsUp service at grc.com ( https://www.grc.com/x/ne.dll?bh0bkyd2 ) to check if you are vulnerable, as it has a specific test for this.

If you are, join in the pressure to get XNet to block UDP:1900 as it is very unlikely the router makers are going to move fast on this as it'd involve admitting liability.

And should they release an update, how many affected customers would actually be able to successfully apply a firmware update - how many would just call it too hard..?

This is a filtered page: currently showing replies marked as answers. Click here to see full discussion.

Guf

4 posts

Wannabe Geek

#772414 1-Mar-2013 18:09

Send private message

I have discovered that if I set up my router to DHCP a certain range but have a DMZ IP outside that range (i.e. a black hole DMZ), the UPnP port is no longer accessible, thus meaning my router is no longer vulnerable to the flaw it has.

I have also reconsidered my request to block UDP1900 at the ISP, as I have remembered that it is not a service port (0-1024) and thus not solely used for UPnP.

I strongly suggest that if you have a vulnerable router, such as the WAG310G, recommend to all users of those to do as I have done. To find out, visit grc.com and use the Shields Up service there as it has a specific test for this.

News and reviews »

New ECOVACS DEEBOT T80S OMNI Available Now
Posted 9-Apr-2026 11:11

Ring Brings 4K Video to Battery-Powered Doorbells
Posted 9-Apr-2026 11:01

Synology Announces a New Privacy-First Home Monitoring Experience for BeeStation Plus
Posted 9-Apr-2026 10:02

GIGABYTE X870E AERO X3D DARK WOOD Redefines the Motherboard
Posted 7-Apr-2026 14:06

Datacom Acquires Auckland Data Centre from T4
Posted 2-Apr-2026 09:43

Spark Launches Satellite Service with SMS and data options
Posted 2-Apr-2026 09:16

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Support Geekzone »

You can support Geekzone with a one-off or recurring donation via PressPatron.

RSS feeds: Main feed; Forums feed
Copyright: ©2002-2026 Geekzone®

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright