There is no vulnerability here per se (as noted by the researchers). Rather, the MongoDB instances referenced in this post were poorly configured - not using authentication, and were left open to the internet rather than being firewalled appropriately.
The security best practices that should be followed, and how you can both test for and alert on any such misconfiguration are explained here:
http://www.mongodb.com/blog/post/mongodb-security-best-practices
Just to note, this was published the day this news was announced in order to help people configure their systems correctly as soon as possible. I'd also note that this is no different to leaving any other service exposed in such a manner.