NAT-PMP vulnerability

Vulnerable computer systems and applications:

Routers.

Description:

NAT-PMP protocol is used to establish network address translation (NAT) settings and port forwarding configurations. The NAT-PMP vulnerability can be exploited by intercepting TCP and/or UDP data streams from an internal network. By tampering with NAT-PMP port routing requests, services that are accessible only to internal network devices can become available online.

Recommendations:

Correctly connect LAN and WAN interfaces;
Authorize NAT-PMP requests only from internal interfaces;
Allow port routing requests only from internal IP addresses;
Restrict access (from an external network) to the 5351 UDP port in firewall settings;
Deactivate NAT-PMP protocol when not in use;
Update router software.