David J Murray Dev
~ Learn and Do - Excel and Share ~

UPnP problems are back again. How to Fix.

Jun 11, 2020
Image by Gerd Altmann from Pixabay
You're Reading: UPnP problems are back again. How to Fix.

A post in Bugs & FixUps & Security & UPnP

The situation.


UPnP is a troublesome technology with problems dating back many years. What is UPnP?

For example, Gibson Research Corp have been providing testing software and procedures for years (originating in 2001) via their ShieldsUp! service.

Today (Jun 11th, 2020) Ars Technica provided details of another major hacking or attack exploiting this technology.

This new vulnerability called CallStranger (CVE-202-12695). discovered by a Turkish researcher, is just another in a long line of such vulnerabilities exploiting UPnP and it’s problems.

In 2013, 81 million devices were exploited. 100,000 routers exploited into a botnet in 2018. An additional 45,000 routers were used to spread the NSA exploits EternalRed and EternalBlue.


The Fix for UPnP problems.

Turn off UPnP

Turn off UPnP


Fixing UPnP problems? They can be fixed; sort of!

For starters, Ars Technica in their article recommend using the F-Secure Router Checker. to check if your router and hence your network is exploitable. A list of known routers have been confirmed to be vulnerable are listed in Ars Technica’s article.

Along with F-Secure, I would suggest using the tools at GRC:

The best solution is to turn UPnP off in your internet facing router. This is usually the router provided by your ISP.

About the Author

<a href="https://davidjmurray.dev/losucag/davidjmurray/" target="_self">djm</a>


I have been in the computer/IT industry for over 35 years. After spending half a life-time in highly proprietary database environments, I have succumbed to the WordPress Eco-system and I'm well down the chasm. I am specializing in AWS hosting, Wordpress CMS, Elegant Themes, in particular Divi and Extra themes.


Submit a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Pin It on Pinterest

Share This