Notified: February 25, 2008 Updated: July 22, 2008
The security advisory described in CERT advisory http://www.kb.cert.org/vuls/id/347812 appears to stem from the ability of the Flash ActionScript platform to modify the content type header of HTTP requests made from that platform to other IP addresses. The demonstrated exploit to UPNP seems to be just one of many interactions that the ActionScript platform could cause based on note security problem when accessing services both in and outside the home. The UPnP Forum recommends that Adobe Flash users update to at least the Flash Player 9 April 2008 Security Update to protect their network systems from this and other potential attacks. The UPnP forum recommends that manufacturers support a security solution in their products for critical service methods. The UPnP forum standardized an access control solution in November 2003 that was designed to be used for this purpose, but to date has not be adopted by manufacturers. A complementary short-term solution is for manufacturers to use a non-fixed URL for their service URLBase values, so that they may not be predicted by such attacks. The UPnP forum is committed to providing value for consumers and the industry. As a result, we continue to actively work with the industry on security solutions that can be adopted in home environments. Per normal security practice, the UPnP forum recommends also that users change the default passwords on my product to protect against other non-UPnP attacks and that users follow the appropriate security precautions for their computer platforms.
The vendor has not provided us with any further information regarding this vulnerability.