Sensitive Data: Twonky Server - Exposure¶

Identifier: twonky_server_exposure

Scanner(s) Support¶

Description¶

Twonky Server exposed to the internet without proper authentication or access restrictions may allow unauthorized users to browse and access media files, interact with server settings, or gather sensitive network information.

How we test: We test for exposed Twonky Server instances by attempting to access DLNA/UPnP endpoints and analyzing responses to detect if the media server is accessible without proper authentication or access restrictions.

Reference:

• https://lynxtechnology.com/twonky-server.html
• https://download.twonky.com/

Configuration¶

Example¶

Example configuration:

---
security_tests:
  twonky_server_exposure:
    skip: false

Reference¶

skip¶

Type : boolean

Skip the test if true.