Method 13: Universal Plug-N-Play (UPnP)

0 Shields

This is a feature that is supposed to make it very easy to connect devices to the WiFi router without requiring any technical expertise.

Universal Plug-N-Play (UPnP) has absolutely no form of authentication or security. Some implementations on WiFi routers even allowed UPnP connections over the internet. UPnP devices typically consider all other devices trying to connect as trustworthy.

As a result, it makes a perfect threat vector for hackers to use to gain access to your networks. In fact, the CIA’s Cherry Blossom program purportedly used it to retrieve a target WiFi router’s administrative credentials, thereby allowing them to completely take control of the WiFi router.

There is always a trade-off between ease-of-use and security. In this case, UPnP is at the far end of the security spectrum, making it a security threat in most cases, hence 0/5 shields. There is little that vendors can do, as the standard itself does not offer any security via authentication, for example.



UPnP was originally designed to make it easy for anybody to connect devices together with little or no setup or configuration requirements. Just push a button and the devices could find each other and start networking together. Cameras talking to computers, PCs talking to printers, and especially any network devices talking to WiFi routers were popular applications for UPnP.

Unfortunately, major issues started showing up around 2001, and UPnP’s reputation kept on sliding. Everything pretty much fell apart around 2010 with the disclosure of serious security limitations of the standard—namely that it had none. Security, that is. It was so serious that the US Department of Homeland Security urged everyone to disable UPnP on all of their networking devices.