{"id":35458,"date":"2020-06-11T16:42:32","date_gmt":"2020-06-11T16:42:32","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31289\/UPnP-Flaw-Exposes-Millions-Of-Network-Devices.html"},"modified":"2020-06-11T16:42:32","modified_gmt":"2020-06-11T16:42:32","slug":"upnp-flaw-exposes-millions-of-network-devices","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/","title":{"rendered":"UPnP Flaw Exposes Millions Of Network Devices"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/06\/network-devices-800x441.jpg\" alt=\"A cartoon demonstrates a household using multiple internet devices.\"><\/p>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\">\n<h4 class=\"comment-count-before\"><a title=\"48 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2020\/06\/upnp-flaw-exposes-millions-of-network-devices-to-attacks-over-the-internet\/?comments=1\">reader comments<\/a><\/h4>\n<p><a title=\"48 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2020\/06\/upnp-flaw-exposes-millions-of-network-devices-to-attacks-over-the-internet\/?comments=1\"><span class=\"comment-count-number\">64<\/span> <span class=\"visually-hidden\">with 48 posters participating<\/span><\/a><\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/div>\n<\/aside>\n<p>Millions of routers, printers, and other devices can be remotely commandeered by a new attack that exploits a security flaw in the Universal Plug and Play network protocol, a researcher said.<\/p>\n<p>CallStranger, as the exploit has been named, is most useful for forcing large numbers of devices to participate in distributed denial of service\u2014or DDoS\u2014attacks that overwhelm third-party targets with junk traffic. CallStranger can also be used to exfiltrate data inside networks even when they\u2019re protected by data loss prevention tools that are designed to prevent such attacks. The exploit also allows attackers to scan internal ports that would otherwise be invisible because they\u2019re not exposed to the Internet.<\/p>\n<p>Billions of routers and other so-called Internet-of-things devices are susceptible to CallStranger, Yunus \u00c7ad\u0131rc\u0131, a Turkish researcher who discovered the vulnerability and wrote the proof-of-concept attack code that exploits it, <a href=\"https:\/\/callstranger.com\/\">wrote over the weekend<\/a>. For the exploit to actually work, however, a vulnerable device must have UPnP, as the protocol is known, exposed on the Internet. That constraint means only a fraction of vulnerable devices are actually exploitable.<\/p>\n<h2>Still unsafe after all these years<\/h2>\n<p>The <a href=\"https:\/\/en.wikipedia.org\/wiki\/Universal_Plug_and_Play\">12-year-old UPnP protocol<\/a> simplifies the task of connecting devices by allowing them to automatically find each other over a network. It does this by using the HTTP, SOAP, and XML protocols to advertise themselves and discover other devices over networks that use the Internet Protocol.<\/p>\n<p>While the automation can remove the hassle of manually opening specific network ports that different devices use to communicate, UPnP over the years has opened users to a variety of attacks. In 2013, an Internet-wide scan found that UPnP was <a href=\"https:\/\/arstechnica.com\/information-technology\/2013\/01\/to-prevent-hacking-disable-universal-plug-and-play-now\/\">making more than 81 million devices visible<\/a> to people outside the local networks. The finding was a surprise because the protocol isn&#8217;t supposed to communicate with outside devices. The exposure was largely the result of several common code libraries that monitored all interfaces for <a href=\"https:\/\/en.wikipedia.org\/wiki\/User_Datagram_Protocol\">User Datagram Protocol<\/a> packets even if configured to listen only on internal ones.<\/p>\n<p> In November 2018, researchers detected two in-the-wild attacks that targeted devices using UPnP. One used a buggy UPnP implementation in Broadcom chips to <a href=\"https:\/\/arstechnica.com\/information-technology\/2018\/11\/a-100000-router-botnet-is-feeding-on-a-5-year-old-upnp-bug-in-broadcom-chips\/\">wrangle 100,000 routers into a botnet<\/a>. The other, <a href=\"https:\/\/arstechnica.com\/information-technology\/2018\/11\/mass-router-hack-exposes-millions-of-devices-to-potent-nsa-exploit\/\">used against 45,000 routers<\/a>, exploited flaws in a different UPnP implementation to open ports that were instrumental in spreading EternalRed and EternalBlue, the potent Windows attack that was <a href=\"https:\/\/arstechnica.com\/information-technology\/2017\/04\/nsa-leaking-shadow-brokers-just-dumped-its-most-damaging-release-yet\/\">developed by and later stolen from the NSA<\/a>.<\/p>\n<h2>Subscribe now<\/h2>\n<p>CallStranger allows a remote and unauthenticated user to interact with devices that are supposed to be accessible only inside local networks. One use for the exploit is directing large amounts of junk traffic to destinations of the attacker\u2019s choice. Because the output sent to attacker-designated destinations is much bigger than the request the attacker initiates, CallStranger provides a particularly powerful way to amplify the attacker\u2019s resources. Other capabilities include enumerating all other UPnP devices on the local network and exfiltrating data stored on the network, in some cases even if it\u2019s protected by data loss prevention tools.<\/p>\n<p>The vulnerability is tracked as CVE-2020-12695, and advisories are <a href=\"https:\/\/kb.cert.org\/vuls\/id\/339275\">here<\/a> and <a href=\"https:\/\/www.tenable.com\/blog\/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of\">here<\/a>. \u00c7ad\u0131rc\u0131 posted a PoC script that demonstrates the capabilities of CallStranger <a href=\"https:\/\/github.com\/yunuscadirci\/CallStranger\">here<\/a>.<\/p>\n<p>The exploit works by abusing the UPnP SUBSCRIBE capability, which devices use to receive notifications from other devices when certain events\u2014such as the playing of a video or music track\u2014happen. Specifically, CallStranger sends subscription requests that forge the URL that\u2019s to receive the resulting \u201ccallback.\u201d<\/p>\n<p>To perform DDoSes, CallStranger sends a flurry of subscription requests that spoof the address of a third-party site on the Internet. When the attack is performed in unison with other devices, the lengthy callbacks bombard the site with a torrent of junk traffic. In other cases the URL receiving the callback points to a device inside the internal network. The responses can create a condition similar to a <a href=\"https:\/\/www.acunetix.com\/blog\/articles\/server-side-request-forgery-vulnerability\/\">server-side request forgery<\/a>, which allows attackers to hack internal devices that are behind network firewalls.<\/p>\n<p>Devices that \u00c7ad\u0131rc\u0131 has confirmed to be vulnerable are:<\/p>\n<ul>\n<li>Windows 10 (Probably all Windows versions including servers) &#8211; upnphost.dll 10.0.18362.719<\/li>\n<li>Xbox One- OS Version 10.0.19041.2494<\/li>\n<li>ADB TNR-5720SX Box (TNR-5720SX\/v16.4-rc-371-gf5e2289 UPnP\/1.0 BH-upnpdev\/2.0)<\/li>\n<li>Asus ASUS Media Streamer<\/li>\n<li>Asus Rt-N11<\/li>\n<li>BelkinWeMo<\/li>\n<li>Broadcom ADSL Modems<\/li>\n<li>Canon SELPHY CP1200 Printer<\/li>\n<li>Cisco X1000 &#8211; (LINUX\/2.4 UPnP\/1.0 BRCM400\/1.0)<\/li>\n<li>Cisco X3500 &#8211; (LINUX\/2.4 UPnP\/1.0 BRCM400\/1.0)<\/li>\n<li>D-Link DVG-N5412SP WPS Router (OS 1.0 UPnP\/1.0 Realtek\/V1.3)<\/li>\n<li>EPSON EP, EW, XP Series (EPSON_Linux UPnP\/1.0 Epson UPnP SDK\/1.0)<\/li>\n<li>HP Deskjet, Photosmart, Officejet ENVY Series (POSIX, UPnP\/1.0, Intel MicroStack\/1.0.1347)<\/li>\n<li>Huawei HG255s Router &#8211; Firmware HG255sC163B03 (ATP UPnP Core)<\/li>\n<li>NEC AccessTechnica WR8165N Router ( OS 1.0 UPnP\/1.0 Realtek\/V1.3)<\/li>\n<li>Philips 2k14MTK TV- Firmware TPL161E_012.003.039.001<\/li>\n<li>Samsung UE55MU7000 TV &#8211; FirmwareT-KTMDEUC-1280.5, BT &#8211; S<\/li>\n<li>Samsung MU8000 TV<\/li>\n<li>TP-Link TL-WA801ND (Linux\/2.6.36, UPnP\/1.0, Portable SDK for UPnP devices\/1.6.19)<\/li>\n<li>Trendnet TV-IP551W (OS 1.0 UPnP\/1.0 Realtek\/V1.3)<\/li>\n<li>Zyxel VMG8324-B10A (LINUX\/2.6 UPnP\/1.0 BRCM400-UPnP\/1.0)<\/li>\n<\/ul>\n<p>\u00c7ad\u0131rc\u0131 reported his findings to the Open Connectivity Foundation, which maintains the UPnP protocol, and the foundation has <a href=\"https:\/\/openconnectivity.org\/upnp-specs\/UPnP-arch-DeviceArchitecture-v2.0-20200417.pdf\">updated the underlying specification<\/a> to fix the flaw. Users can check with developers and manufacturers to find out if or when a patch will be available. A significant percentage of IoT devices never receive updates from manufacturers, which means the vulnerability will live on for some time to come.<\/p>\n<p>As always, the best defense is to disable UPnP altogether. Most routers allow this by unchecking a box in the settings menu. For those who insist on keeping UPnP turned on, use a site such as <a href=\"https:\/\/www.f-secure.com\/en\/home\/free-tools\/router-checker\">this one<\/a> to make sure the router isn&#8217;t exposing sensitive ports. UPnP users with the experience and capability can also periodically check logs to detect exploits.<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31289\/UPnP-Flaw-Exposes-Millions-Of-Network-Devices.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":35459,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[256],"class_list":["post-35458","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinehackerflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>UPnP Flaw Exposes Millions Of Network Devices 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"UPnP Flaw Exposes Millions Of Network Devices 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-06-11T16:42:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/upnp-flaw-exposes-millions-of-network-devices.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"441\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"UPnP Flaw Exposes Millions Of Network Devices\",\"datePublished\":\"2020-06-11T16:42:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/\"},\"wordCount\":959,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/upnp-flaw-exposes-millions-of-network-devices.jpg\",\"keywords\":[\"headline,hacker,flaw\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/\",\"name\":\"UPnP Flaw Exposes Millions Of Network Devices 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/upnp-flaw-exposes-millions-of-network-devices.jpg\",\"datePublished\":\"2020-06-11T16:42:32+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/upnp-flaw-exposes-millions-of-network-devices.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/upnp-flaw-exposes-millions-of-network-devices.jpg\",\"width\":800,\"height\":441},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/upnp-flaw-exposes-millions-of-network-devices\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"UPnP Flaw Exposes Millions Of Network Devices\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"UPnP Flaw Exposes Millions Of Network Devices 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/","og_locale":"en_US","og_type":"article","og_title":"UPnP Flaw Exposes Millions Of Network Devices 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-06-11T16:42:32+00:00","og_image":[{"width":800,"height":441,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/upnp-flaw-exposes-millions-of-network-devices.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"UPnP Flaw Exposes Millions Of Network Devices","datePublished":"2020-06-11T16:42:32+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/"},"wordCount":959,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/upnp-flaw-exposes-millions-of-network-devices.jpg","keywords":["headline,hacker,flaw"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/","url":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/","name":"UPnP Flaw Exposes Millions Of Network Devices 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/upnp-flaw-exposes-millions-of-network-devices.jpg","datePublished":"2020-06-11T16:42:32+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/upnp-flaw-exposes-millions-of-network-devices.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/upnp-flaw-exposes-millions-of-network-devices.jpg","width":800,"height":441},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/upnp-flaw-exposes-millions-of-network-devices\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerflaw\/"},{"@type":"ListItem","position":3,"name":"UPnP Flaw Exposes Millions Of Network Devices"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35458","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=35458"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35458\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/35459"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=35458"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=35458"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=35458"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}