In January 2013, Rapid7 published a great paper describing several vulnerabilities in the most common UPnP libraries. Six months later, many devices based on these libraries have not been updated and are still exposed. For example, the Axis M1011 camera contains a vulnerable version of libupnp, which can lead to …
