CallStranger Vulnerability Lets Attacks Bypass Security Systems and Scan LANs

by
Fnord666
from SoylentNews on (#54K2B)

upstart writes in with an IRC submission:

CallStranger vulnerability lets attacks bypass security systems and scan LANs:

A severe vulnerability resides in a core protocol found in almost all internet of things (IoT) devices.

The vulnerability, named CallStranger, allows attackers to hijack smart devices for distributed denial of service (DDoS) attacks, but also for attacks that bypass security solutions to reach and conduct scans on a victim's internal network -- effectively granting attackers access to areas where they normally wouldn't be able to reach.

According to a website dedicated to the CallStranger vulnerability published today, the bug impacts UPnP, which stands for Universal Plug and Play, a collection of protocols that ship on most smart devices.

Also at Ars Technica.

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments