UPnP definition
UPnP is a network protocol that allows apps and devices to open and close ports automatically in order to connect with each other. UPnP requires zero configuration — you can add a new device to your network and have it automatically connect with your other devices.
UPnP doesn’t use authentication and only requires authorization for some devices. Because many router manufacturers enable UPnP by default on their products, hackers can trick routers into letting them in by pretending to be household devices. Once inside, criminals can install malware on your devices or steal sensitive information.
Real UPnP use cases
- Gaming: Gaming consoles need to be connected to your router when you want to play multiplayer games.
- Internet of Things devices: Smart lighting, thermostats, and other devices may require an internet connection to operate without user input.
- Streaming on internet TV devices: Roku stick, Android TV, Apple TV, and other streaming devices need to be connected to the internet to display content.
- Remote work: Wireless printers, scanners, and other home office devices communicate with each other over your network.
Stopping UPnP exploits
- Enable UPnP-UP to require authentication and authorization for UPnP devices or apps. However, keep in mind that not all devices fully support UPnP-UP.
- Disable UPnP entirely and set up new devices manually. Doing so provides the greatest level of security at the cost of convenience.