UPnP flaws place millions of networks in danger

By Rick · 15 replies
Jan 29, 2013
  1. Several security vulnerabilities found within common UPnP implementations have prompted experts at Rapid 7 to recommend the public disable UPnP entirely. Research spanning several months in 2012 revealed that over 2 percent -- or about 50 million -- of all...

  2. jobeard

    jobeard TS Ambassador Posts: 11,174   +989

    I've never allowed UPnP at the gateway router and
    for those on Win/7, the Firewall Advanced Settings->Network Discovery (UPnP-in) can be further restricted
    by setting the Scope to your local LAN
    (properties-> Scope Tab -> (*) These IP addresses -> add -> local subnet)

    UPnP has ALWAYS been an issue.
  3. Rick

    Rick TechSpot Staff Topic Starter Posts: 4,572   +65

    For being "automagical", I've always found it cantankerous.

    I actually re-visited UPnP in recent years to get WiFi sync working between iTunes and my iPhone... It just cemented my previous experiences. Sometimes it would work... sometimes it wouldn't... I'm sure it works fine for many people with many different routers etc.. but I've officially given up on UPnP.

    I'm also someone who takes comfort in being explicit and deliberate when it comes to configuring devices... I leave it disabled and will likely continue to do so for some time.
  4. jobeard

    jobeard TS Ambassador Posts: 11,174   +989

    I was speaking of the Security Risk UPnP creates :sigh:
  5. Lionvibez

    Lionvibez TS Evangelist Posts: 1,268   +437

    Great tip will look into this tonight.

    Question: also, say you want to use UPnP so it configures the port for the application you are trying to set up, but then disable it after it's configured. Would it be OK to use it on a per-application basis, then turn it off when not needed?
  6. jobeard

    jobeard TS Ambassador Posts: 11,174   +989

    That would work, but what a pain to keep track of :(

    There's also the issue of knowing what needs to be configured -- sometimes it's more than just one application.
  7. hahahanoobs

    hahahanoobs TS Evangelist Posts: 2,046   +680

    I disabled UPnP almost a year ago when I kept getting disconnected from BF3 servers, and saw disabling UPnP as a fix, and it worked!

    "Without UPnP, users must manually configure port forwarding and IP address assignment via their router and firewall administration utilities."

    Not me. I have zero ports manually configured with UPnP Disabled in my Thompson Modem/router, and torrents and online gaming are trouble free. Hmm, I just looked at settings again... is Automatic Port Mapping in uTorrent a workaround for forwarding ports manually with UPnP disabled?
  8. Darth Shiv

    Darth Shiv TS Evangelist Posts: 1,811   +472

    Without UPnP or ports forwarded, your torrents would not be able to connect to another person who has the same configuration as you. Referred to as whether you are "connectable" or not.

    UPnP is just another technology that should have been aborted at birth. Like ActiveX and WPS. When you consider the security holes and access it gives to unauthorised parties, it is just a bad idea. I've disabled it from day dot on every router that has had the feature because it just stunk.
  9. PinothyJ

    PinothyJ TS Guru Posts: 460   +22


    Rapid seven want my full name, phone number, job title and company, amongst other things, just to use this utility.

    What a crock...
  10. Lionvibez

    Lionvibez TS Evangelist Posts: 1,268   +437

    I just ran this tool on my network which has UPnP enabled and I got:

  11. Darth Shiv

    Darth Shiv TS Evangelist Posts: 1,811   +472

    Just means your UPnP does not have the exploit that the tool checks for. So you aren't susceptible to *this* problem.

    One of the main reasons I don't like UPnP is that if malicious code runs on a machine in your network, it can use UPnP to open a port to the outside world and do things like act as a server for botnets and so on. Take commands etc. It's just a *really* dumb idea to give arbitrary software that kind of power.
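
Added example, not part of the thread or any poster's reply: one way to audit the risk described in the post above is to compare the port mappings a router reports over UPnP against the ones you expect. The sketch assumes the IGD `GetGenericPortMappingEntry` responses have already been fetched from the router; the sample responses, addresses and the `ALLOWED` list are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ENTRY = "GetGenericPortMappingEntryResponse"

def _sample(port, proto, client, desc, enabled=1, lease=0):
    """Build a constructed response body (not captured from a real router)."""
    fields = {
        "NewRemoteHost": "", "NewExternalPort": port, "NewProtocol": proto,
        "NewInternalPort": port, "NewInternalClient": client,
        "NewEnabled": enabled, "NewPortMappingDescription": desc,
        "NewLeaseDuration": lease,
    }
    inner = "".join(f"<{k}>{v}</{k}>" for k, v in fields.items())
    return ('<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">'
            f'<s:Body><u:{ENTRY} xmlns:u="urn:schemas-upnp-org:service:'
            f'WANIPConnection:1">{inner}</u:{ENTRY}></s:Body></s:Envelope>')

# Constructed sample data: one expected mapping, one unexpected, one disabled.
SAMPLES = [
    _sample(51413, "TCP", "192.168.1.20", "BitTorrent client", lease=3600),
    _sample(4444, "TCP", "192.168.1.57", ""),
    _sample(3074, "UDP", "192.168.1.30", "Game console", enabled=0),
]

# Hypothetical allowlist: (protocol, external port, internal client).
ALLOWED = {("TCP", 51413, "192.168.1.20")}

def parse_mapping(soap_xml):
    """Extract one port-mapping entry from a SOAP response body."""
    for el in ET.fromstring(soap_xml).iter():
        if el.tag.endswith(ENTRY):
            f = {c.tag: (c.text or "").strip() for c in el}
            return {
                "protocol": f["NewProtocol"].upper(),
                "external_port": int(f["NewExternalPort"]),
                "internal_client": f["NewInternalClient"],
                "enabled": f["NewEnabled"] == "1",
                "description": f["NewPortMappingDescription"],
            }
    raise ValueError("no port mapping entry in response")

def audit(responses, allowed=ALLOWED):
    """Return enabled mappings that are not on the allowlist."""
    maps = [parse_mapping(r) for r in responses]
    return [m for m in maps if m["enabled"] and
            (m["protocol"], m["external_port"], m["internal_client"]) not in allowed]

if __name__ == "__main__":
    for m in audit(SAMPLES):
        print("unexpected mapping:", m)
```
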
  12. spydercanopus

    spydercanopus TS Evangelist Posts: 856   +121

    If you're directly connected to a modem without a router, you should disable it from services.msc
  13. Per Hansson

    Per Hansson TS Server Guru Posts: 1,960   +218

    This is the exact reason I've given for disabling UPnP in the last decade...
    I always knew a vulnerability like this one we see today would come, I'm actually surprised it took so long!
  14. hahahanoobs

    hahahanoobs TS Evangelist Posts: 2,046   +680

    Thanks for the info.
  15. havok585

    havok585 TS Booster Posts: 155   +27

    UPnP should not be disabled if u host servers (ftp access, public game servers, Winamp radio stations, etc.) on certified high quality modem/routers (Cisco, Linksys (Cisco again lol), D-Link, NetGear and Asus) especially if u are not a power user, no hacker could access your router, unless the firmware is outdated (professional brands have this auto-updated) and u messed with the settings (firewall disabled, ports left open without filtering)...

    UPnP service should be disabled if u are a power user and want to control the whole scene.
  16. Darth Shiv

    Darth Shiv TS Evangelist Posts: 1,811   +472

    Personally I would highly recommend anyone running dedicated servers to learn port forwarding rather than touch UPnP.

