Would you rather choose convenience or security? UPnP helps you quickly connect devices to your network – zero manual configuration needed. However, it can also let hackers into your network to perform malicious activities. Find out how hackers exploit UPnP and what you can do to protect yourself.
To understand what UPnP is, you should first understand port forwarding. Port forwarding is used to establish a direct connection between your home device or a server and a remote device. For example, you might want to connect your laptop to your home camera and keep an eye on them while you are away.
How does it work? All your home devices, including your router, together create a so-called Local Area Network (LAN). Everything outside the LAN, such as website servers or your friend’s computer, are on the Wider Area Network (WAN). Usually, no one outside your LAN can access devices on your network unless you let them via port forwarding.
Universal Plug and Play (UPnP) is a protocol that allows apps and other devices on your network to open and close ports automatically to connect with each other. For example, if you want to connect a printer to everyone in your household without UPnP, you would need to connect the printer to every single device. UPnP automates this.
UPnP offers zero-configuration, meaning that none of the devices on your network need manual configuration to discover a new device. UPnP-enabled devices can automatically join a network, obtain an IP address, and find and connect to other devices on your network, making it very convenient.
Originally, UPnP was only supposed to work on the LAN level, meaning that only devices on your network could connect to each other. However, many router manufacturers now enable UPnP by default, making them discoverable from the WAN, which leads to many security issues.
UPnP doesn’t use authentication or authorization (only some devices), assuming that devices trying to connect to it are trustworthy and come from your local network. This means that hackers can find backdoors to your network. For example, they can discover your router on the wider net and then pretend to be an Xbox. They will send a UPnP request to your router and the router will open the port – no questions asked.
Once the hacker gets a presence on the network, they can:
When it comes to UPnP router vulnerabilities, there are two options you can choose to protect yourself.
First, you can enable UPnP-UP (Universal Plug and Play – User Profile), which provides authentication and authorization mechanisms for UPnP devices and applications. However, this is not a foolproof method as many devices don’t fully support it and might still assume that other devices connecting to your router are trustworthy.
The other more secure method is to disable UPnP completely. Before you do, it’s recommended to check whether your router is vulnerable to UPnP exploits. You should also consider whether you want to give up the convenience of UPnP and whether you will be able to set up your devices manually. Doing so may require some technical know-how.
For more cybersecurity news and tips, subscribe to our monthly blog newsletter below!