UPnP stands for “Universal Plug and Play.” Using UPnP, an application can automatically forward a port on your router, saving you the hassle of forwarding ports manually. This is fine for inside your network, or better said it is fine behind your firewall. This is why you can easily connect devices like smart TV’s, internet radios, printers and more to your network. However it has been recently discovered that many wireless routers sold today actually come with UPnP enabled by default for access outside of your firewall as well.
Is This a Problem? Yes. There’s no getting around this one – UPnP assumes local programs are trustworthy and allows them to forward ports. However if UPnP is enabled for the “internet side” of your wireless network your computers & devices on your network are open to security hackers.
This is because UPnP doesn’t require any sort of authentication from the user. Any application running on your computer can ask the router to forward a port over UPnP, which is why the malware above can abuse UPnP. You might assume that you’re secure as long as no malware is running on any local devices – but you’re probably wrong.
Very recently it has been discovered that millions of routers in the wild (live on the internet) are vulnerable. Many router manufacturers haven’t done a good job of securing their UPnP implementations.
The good news is that if you take time you can check your wireless router and correct the problem. The best and easiest way to check your network is to go to the GRC / ShieldUp website at https://www.grc.com.
When you arrive at the webpage select “Proceed”. There are many great security risks you can check here. However the UPnP risk is so prevalent at the moment that this option is the very first first thing you see. Select “GRC’s Instant UpNP Exposure Test”. if your network passes the test you have no worries. if it does not, simply follow the directions for disabling UpNP on your router.