Posted by DefenseCode on Apr 06

Hi,

Few years ago, we have discovered a remotely exploitable preauth Format
String vulnerability in Broadcom UPnP implementation used in popular
routers.
Vendors were notified and advisory was published –
http://defensecode.com/public/DefenseCode_Broadcom_Security_Advisory.pdf .
Broadcom fixed the vulnerability in their UPnP implementation and some
router vendors did it also.

Vulnerability was initially discovered on Cisco Linksys (now Belkin)…