What is /HNAP1?

Created 17th August 2023
Updated 18th August 2023

CVE-2023-33735

HNAP stands for Home Network Automation Protocol. Scanners look for a request to /HNAP1 to be accepted as it reveals an insecure router - typically Cisco or D-Link - exposed on the Internet. There are dozens of vulnerabilities on this protocol implementation across a range of home network devices so ensuring routers, etc. are patched on home networks is a good idea.

References

1. Common Vulnerabilities and Exposures (CVE). (n.d.). HNAP1 Keyword Search. Retrieved August 17, 2023, from https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=HNAP1
2. Miloserdov, D. (n.d.). What is HNAP, how to find and exploit routers with HNAP. Retrieved August 17, 2023, from https://miloserdov.org/?p=5256