NAT-PMP vulnerability



Vulnerable computer systems and applications:

Routers.

Description:

The NAT-PMP protocol is used to establish network address translation (NAT) settings and port forwarding configurations. The NAT-PMP vulnerability can be exploited by intercepting TCP and/or UDP data streams from an internal network. By tampering with NAT-PMP port routing requests, services that are accessible only to internal network devices can become available online.

Recommendations:

  • Correctly connect LAN and WAN interfaces;
  • Authorize NAT-PMP requests only from internal interfaces;
  • Allow port routing requests only from internal IP addresses;
  • Restrict access (from an external network) to UDP port 5351 in firewall settings;
  • Deactivate the NAT-PMP protocol when not in use;
  • Update router software.
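
The second and third recommendations can be expressed as an accept policy that a NAT-PMP responder applies before it processes a request. The sketch below is an added example, not code from this advisory or from any router firmware; the interface name `br-lan`, the LAN prefix `192.168.1.0/24` and the function names are assumptions, and the packet layout follows RFC 6886.

```python
import ipaddress
import struct

# Assumed values for a hypothetical router; the advisory names none of these.
INTERNAL_INTERFACES = {"br-lan"}
INTERNAL_NETWORKS = [ipaddress.ip_network("192.168.1.0/24")]

# NAT-PMP result codes and opcodes (RFC 6886).
SUCCESS, UNSUPPORTED_VERSION, UNSUPPORTED_OPCODE = 0, 1, 5
OPCODES = {0: "external-address", 1: "map-udp", 2: "map-tcp"}


def parse_request(payload):
    """Return (result_code, fields); result_code None means malformed."""
    if len(payload) < 2:
        return None, {}
    version, opcode = payload[0], payload[1]
    if version != 0:
        return UNSUPPORTED_VERSION, {}
    if opcode not in OPCODES:
        return UNSUPPORTED_OPCODE, {}
    fields = {"op": OPCODES[opcode]}
    if opcode in (1, 2):  # mapping request: 12 bytes in total
        if len(payload) != 12:
            return None, {}
        _reserved, internal, external, lifetime = struct.unpack("!HHHI", payload[2:])
        fields.update(internal_port=internal, external_port=external, lifetime=lifetime)
    return SUCCESS, fields


def decide(iface, src_ip, payload):
    """Return ("drop", None, {}) or ("reply", result_code, fields)."""
    src = ipaddress.ip_address(src_ip)
    # Both checks must pass: an internal-looking source address that arrives
    # on the WAN interface cannot be trusted and is dropped without a reply.
    if iface not in INTERNAL_INTERFACES or not any(src in net for net in INTERNAL_NETWORKS):
        return "drop", None, {}
    code, fields = parse_request(payload)
    if code is None:
        return "drop", None, {}
    return "reply", code, fields


# Constructed sample: TCP mapping request, internal 8080 -> external 8080, 1 hour.
SAMPLE_MAP_TCP = struct.pack("!BBHHHI", 0, 2, 0, 8080, 8080, 3600)

if __name__ == "__main__":
    for iface, src in [("br-lan", "192.168.1.20"), ("wan", "203.0.113.7"), ("wan", "192.168.1.20")]:
        print(iface, src, decide(iface, src, SAMPLE_MAP_TCP))
```

Dropping silently on the external side, rather than answering with a refusal code, is a choice made in this example so that the responder does not reveal itself to the WAN.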