MiniUPnP Vulnerability Clears Way for Stack Smashing Attack

January 27, 2016

The Internet of Things security challenge is twofold: finding bugs, and more urgent – fixing them.

Cisco’s Talos security intelligence and research group found and privately disclosed a serious and trivially exploitable client-side bug in MiniUPnP that was patched in September of last year.

The problem is: How many patches were applied by vendors in their products and how many admins knew about the patch and deployed it on networks worldwide?

The vulnerability in the library (CVE-2015-6031) – MiniUPnP facilitates local communication between devices behind a firewall – is a buffer overflow. A successful exploit gives an attacker remote-code execution capabilities on a device, and quite likely further access inside the local network.

Read full story…