NAT-PMP vulnerability
Vulnerable computer systems and applications:
Routers.
Description:
The NAT-PMP protocol is used to establish network address translation (NAT) settings and port forwarding configurations. The NAT-PMP vulnerability can be exploited by intercepting TCP and/or UDP data streams from an internal network. By tampering with NAT-PMP port routing requests, services that are accessible only to internal network devices can become reachable from the Internet.
Recommendations:
- Correctly connect LAN and WAN interfaces;
- Authorize NAT-PMP requests only from internal interfaces;
- Allow port routing requests only from internal IP addresses;
- Restrict access (from an external network) to UDP port 5351 in firewall settings;
- Deactivate the NAT-PMP protocol when not in use;
- Update router software.
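
The second and third recommendations can be expressed as an acceptance check that a gateway runs before acting on any NAT-PMP request. The sketch below is an added example, not code from this advisory or from any router vendor; the packet layout follows RFC 6886, and the interface name `br-lan` and the subnet `192.168.1.0/24` are assumed values.

```python
import ipaddress
import struct

OP_EXTERNAL_ADDR, OP_MAP_UDP, OP_MAP_TCP = 0, 1, 2  # RFC 6886 opcodes

# Assumed deployment values (hypothetical): set to the router's real LAN side.
INTERNAL_IFACES = {"br-lan"}
INTERNAL_NETS = [ipaddress.ip_network("192.168.1.0/24")]

# Constructed sample: request to map internal TCP 22 to external 2222 for 3600 s.
SAMPLE_MAP_TCP = struct.pack("!BBHHHI", 0, OP_MAP_TCP, 0, 22, 2222, 3600)


def parse_request(data):
    """Parse a NAT-PMP request; return a dict, or None if it is malformed."""
    if len(data) < 2:
        return None
    version, opcode = struct.unpack("!BB", data[:2])
    if version != 0:
        return None
    if opcode == OP_EXTERNAL_ADDR and len(data) == 2:
        return {"opcode": opcode}
    if opcode in (OP_MAP_UDP, OP_MAP_TCP) and len(data) == 12:
        # reserved (2), internal port (2), external port (2), lifetime (4)
        _, iport, eport, lifetime = struct.unpack("!HHHI", data[2:])
        return {"opcode": opcode, "internal_port": iport,
                "external_port": eport, "lifetime": lifetime}
    return None


def authorize(data, src_ip, in_iface):
    """Apply the advisory's checks; return (allowed, reason)."""
    if in_iface not in INTERNAL_IFACES:
        return False, "received on a non-internal interface"
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False, "unparseable source address"
    if not any(addr in net for net in INTERNAL_NETS):
        return False, "source address is not internal"
    if parse_request(data) is None:
        return False, "malformed request"
    return True, "ok"


if __name__ == "__main__":
    for ip, iface in [("192.168.1.50", "br-lan"), ("203.0.113.7", "eth-wan"),
                      ("203.0.113.7", "br-lan")]:
        print(ip, iface, authorize(SAMPLE_MAP_TCP, ip, iface))
```

Both checks are needed: the interface check rejects requests arriving from the WAN side, and the address check rejects a request with an external source address that still shows up on an internal interface.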