quote:During the security analysis, we have discovered remote preauth format string vulnerability in Broadcom UPnP stack. Vulnerability can be exploited to write arbitrary values to arbitrary memory address, and also to remotely read router memory. When properly exploited, it allows unauthenticated attacker to execute arbitrary code under root account.
Source:
http://news.softpedia.com/news/DefenseCode-Publishes-List-of-Routers-Impacted-by-Broadcom-UPnP-Vulnerability-327631.shtml
So now we know why the Actiontec's firmware is so terrible. Telus is trying to protect us by having the UPnP daemon crash so that we can't be hacked.
Anyone who knows how to port forward who is using UPnP may want to look at disabling UPnP and forwarding any ports you need instead. The Actiontec is on the list of vulnerable hardware.
↧