UPnP File Share Detection

Low Nessus Plugin ID 94046

Synopsis

The remote device is running a file server.

Description

According to its UPnP data, the remote device hosts a 'Content Directory'. Therefore, an adjacent user can read shared files on the host. This is often associated with a media server.

Solution

Ensure the file share is legitimate and in accordance with your security policy.

See Also

http://upnp.org/specs/av/UPnP-av-ContentDirectory-v1-Service.pdf

Plugin Details

Severity: Low

ID: 94046

File Name: upnp_browse_content_directory.nasl

Version: 1.3

Type: remote

Family: Misc.

Published: 2016/10/13

Modified: 2017/04/24

Dependencies: 35712

Risk Information

Risk Factor: Low

CVSSv2

Base Score: 3.3

Vector: CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:N

CVSSv3

Base Score: 4.3

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

Required KB Items: upnp/www