Flash UPnP Attack

Discussion in 'Tomato Firmware' started by bokh, Jan 15, 2008.

  1. bokh

    bokh Network Guru Member

    To prevent cross-posting, read this post on this forum's General Discussion.

    I guess we'll have to disable UPnP on Tomato until a fix has been found.
    Back to portforwarding for uTorrent... :what:
  2. Kiwi8

    Kiwi8 LI Guru Member

    I have always been using Port Forwarding, just that UPnP was left on as well. Ok now I will disable UPnP then. :)
  3. mstombs

    mstombs Network Guru Member

    Can anyone explain how opening incoming ports on packets addressed to the WAN IP on the WAN interface can do all the things claimed?

    If you have a virus/trojan on your PC I guess it could use upnp, but if you don't have a software firewall that stops it - remote controllers can always reply to connections made from the inside, so upnp is the least of your worries.

    Personally I find upnp very useful and am willing to take the risk!

    See here to see how easy it is to manipulate upnp port forwards from a web page


    This opens and close 20 upnp ports simultaneously I recall.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice