Owners of Linksys, Edimax, Sitecom, and Thomson (Speedtouch) routers need to be aware of a very serious security flaw uncovered last month. Steve Gibson of the Security Now! podcast (who vets the hell out of everything before he opens his mouth) shared the news (look for the part where he says “pay attention”).
In a nutshell, these routers involve a feature called universal plug-and-play, which lets various other devices (like Microsoft’s xBox gaming console) interact with them. Using this feature, someone on the outside—out there on the Internet—can hit your router with packets of data, log in, and reconfigure your router. This means a person can remap the ports on your router to gain access to your internal network.
Owners of these routers should be sure to log into their routers and configure them to disable universal plug-and-play. Yes, that will mean that gamers are stuck, but knowledgeable gamers can map the specific ports in the router they need.
This is a serious problem, and owners of these routers need to act immediately to make sure their security is not compromised.