
What Is UPnP & Why Is It Dangerous?

Modern technology is plagued with unsecured features, security loopholes, and general oversights. For example, flash drives can carry keyloggers, browsers might have open backdoors, Windows constantly updates with security fixes, and security breaches are a constant news feature.

Universal Plug and Play (UPnP) is another technological advancement that comes with its share of drawbacks. It’s a technology of convenience, but that convenience can leave your system vulnerable for a number of reasons.


So, what is UPnP, and why is it dangerous for the safety of your network?

What Is Universal Plug & Play?

In technical terms, UPnP is a networking protocol (or actually, a set of networking protocols). These protocols outline a specific communication method that devices of all sorts can use to communicate with one another on a network immediately. For the most part, it’s used by devices to discover other devices on that particular network. Now, UPnP is so common that you’ve probably used it without even realizing it (though its use is very, very slowly decreasing).

Still confused about UPnP? Think of a printer. The first step is physically connecting the printer to your network (though nowadays it can be done through Wi-Fi). In the past, you’d have to manually search for it and set it up so other network devices could find that printer. Today, though, it happens automatically thanks to UPnP, and there are even ways you can convert your wired printer to a wireless one.

Once connected, devices on the network can continue communicating with one another by sending and receiving data. Computers can tell printers to print documents, media centers transmit audio data, mobile devices can mount themselves onto computers, and so on. The possibilities are endless.

Hence the term “plug and play.” You plug in the device, and you can immediately start playing (i.e., using it) without wading through setup and configuration nightmares, making it one of the most convenient networking technologies today. One thing to note is that UPnP is mostly used on residential networks as opposed to business networks due to its inherent security issues.

Is UPnP a Security Risk?

UPnP has been under fire for over a decade regarding its security vulnerabilities. Both the FBI and the Department of Homeland Security have suggested users disable their UPnP settings to minimize their risks of damage or exposure. A cursory internet search for “UPnP vulnerability” returns heaps of results illustrating the dangers of UPnP.

And, before you start thinking these UPnP flaws only affect old hardware, think again.

Although there have been numerous UPnP vulnerabilities discovered since its 2008 launch, the last major UPnP vulnerability was revealed in 2020. The CallStranger UPnP vulnerability effectively allowed an attacker to bypass security restrictions, potentially allowing data theft. Then, in early 2022, security company Akamai updated its UPnProxy report (the UPnProxy vulnerability was first discovered in 2018) with information on the Eternal Silence UPnP vulnerability, exposing millions of routers worldwide.

Why Is UPnP a Security Risk?

So, what exactly is the problem with UPnP? Why does UPnP lead to security issues?

Well, as UPnP automatically opens ports and authorizes port-forwarding connections, it assumes that every connecting device is trustworthy. Now, it doesn’t take a security expert to realize how that could become a significant risk. So, while most routers block malicious connections, a poorly configured UPnP-enabled router may pass through a hostile incoming connection, granting access to your network.

But that’s just one way UPnP is a security issue. Another danger is the ease with which malware can exploit UPnP to move through a network after infecting a device. Other devices connected to the infected device using UPnP suffer the same problem as a poorly configured router: all devices and connections are assumed to be legitimate and, therefore, trustworthy.

UPnP has also featured in some of the largest DDoS attacks. For example, the enormous Mirai botnet used exposed Internet of Things devices (many of which use UPnP for easy configuration) to amplify its attack power, using the botnet to knock websites offline. That brings us to another UPnP issue: many IoT devices depend on UPnP for configuration but are not upgradable, or their configuration cannot be altered to remove or disable UPnP. Without proper configuration elsewhere, UPnP-dependent IoT devices will remain an issue.

How to Turn UPnP Off

Typically, UPnP vulnerabilities boil down to two main issues:

  • Programming Errors: Oversights in the actual UPnP code are exploited, allowing attackers to execute harmful code through injection.
  • Unintended Exposure: While the purpose of UPnP is to make devices on a network easily discoverable by other devices on that network, unfortunately, some UPnP control interfaces can be exposed to the public internet, allowing malicious users to find and gain access to private devices.

Given the scale of both issues, you can understand why most UPnP advice centers around switching the feature off. However, so many devices utilize UPnP, and there are so many manufacturers for each type of device, that we couldn’t possibly cover disabling instructions for all of them. Your best option is to complete an internet search for your device, including the phrase “disable UPnP” in your search query.

Typically, to disable UPnP on a router, you’ll input your router IP address in your browser address bar, then log in to your router’s configuration settings. Once you gain access, you’re typically looking for an advanced settings or configuration menu. The UPnP settings are often categorized with the router’s port forwarding options, so this is a good place to start looking.

However, you don’t have to rush out and turn it off. A properly configured router, one that is up to date and receives regular firmware updates, shouldn’t have any issues with UPnP. Calculating your exposure is yet another part of the problem.
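To find out which devices on your own network answer UPnP discovery, and which of them advertise automatic port mapping, the following added example (not part of the original article) sends one SSDP discovery query on the local subnet and summarizes the replies. SSDP is the discovery part of UPnP; the function names, the GATEWAY_MARKERS list, and the SAMPLE replies are constructed for this illustration, and SAMPLE is only used when nothing answers.

```python
import socket

SSDP_ADDR = ("239.255.255.250", 1900)  # SSDP multicast group used for UPnP discovery
GATEWAY_MARKERS = ("InternetGatewayDevice", "WANIPConnection", "WANPPPConnection")
MSEARCH = ("M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\n"
           'MAN: "ssdp:discover"\r\nMX: 2\r\nST: ssdp:all\r\n\r\n').encode("ascii")
SAMPLE = [  # constructed replies with documentation addresses, not captured traffic
    ("192.0.2.1", b"HTTP/1.1 200 OK\r\nSERVER: ExampleRouter/1.0 UPnP/1.1\r\n"
                  b"ST: urn:schemas-upnp-org:service:WANIPConnection:1\r\n\r\n"),
    ("192.0.2.20", b"HTTP/1.1 200 OK\r\nST: urn:schemas-upnp-org:device:MediaRenderer:1\r\n\r\n"),
    ("192.0.2.30", b"not an SSDP reply"),
]

def parse_response(data):
    """Return lower-cased headers of an SSDP reply, or None if it is not a 200 response."""
    lines = data.decode("utf-8", errors="replace").split("\r\n")
    if lines[0].split()[1:2] != ["200"]:
        return None
    pairs = (line.partition(":") for line in lines[1:])
    return {k.strip().lower(): v.strip() for k, sep, v in pairs if sep}

def summarize(replies):
    """Group replies by sender IP and flag devices that advertise port mapping."""
    devices = {}
    for ip, data in replies:
        headers = parse_response(data)
        if headers is not None:  # ignore anything that is not a valid discovery reply
            dev = devices.setdefault(ip, {"server": "", "port_mapping": False})
            dev["server"] = headers.get("server", dev["server"])
            dev["port_mapping"] |= any(m in headers.get("st", "") for m in GATEWAY_MARKERS)
    return devices

def discover(timeout=3.0):
    """Send one M-SEARCH on the local subnet and collect (ip, raw reply) pairs."""
    replies = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 1)  # do not cross routers
        try:
            sock.sendto(MSEARCH, SSDP_ADDR)
            while True:
                data, addr = sock.recvfrom(65507)
                replies.append((addr[0], data))
        except OSError:  # timeout (no more replies) or no usable network
            pass
    return replies

if __name__ == "__main__":
    for ip, dev in sorted(summarize(discover() or SAMPLE).items()):
        print(ip, "PORT MAPPING" if dev["port_mapping"] else "discovery only", dev["server"])
```

Devices flagged as offering port mapping are the ones whose UPnP setting matters most for exposure; the others only announce themselves to the local network.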

Should You Disable UPnP?

As far as security flaws go, UPnP is one of the easier ones to deal with. At least, for the most part. On most devices, switching off UPnP is literally the flick of a button. However, as you’ve seen, some devices do not have that functionality, most often affecting IoT devices.

Now, that’s not to say you shouldn’t use Internet of Things and smart devices. On the contrary, they work brilliantly well and have so many functions, it’s no wonder most people deploy them throughout their homes. Just be sure to configure the rest of your network properly to protect them, and take a moment to disable UPnP on other connected devices.
