UPnProxy via NAT Injections

According to this Akamai White Paper (page 19) OpenWRT (albeit they could not determine which version) is affected by this (potential) vulnerability.

To my understanding the current TO repo is OpenWrt omnia 15.05 r47055. Any insight how NAT-PMP is implemented? Does enabling secure mode fends off this potential issue?

@Pepe Any feeback from the TO team on the subject since been readig another advisory that attacks of this kind are on the rise? And OpenWRT being implicated.

most cpe on the planet employ openwrt in some way, so i am sure it is implicated :wink:
but (openwrt) default config does not include upnp because it is unsecure.
so maybe turn it off?

yet TOS vanilla ships with miniupnpd (nat-pmp) installed and active by default, at least until TOS 3.96 and since then I removed it anyway.

One way to go about but that is beside the point of whether TO is susceptible to the attack. Some user may want/need it or not being aware that miniupnpd (nat-pmp) installed by default in TOS.

Not sure what is your point. OpenWRT is not necessarily prone to each CEV just becuase it runs on plenty of cpe, e.g. thus far it is not implicated in VPNFilter: Are we lucky we are not affected? - General discussion - Turris forum

no response from the TO team… however to interpret such

Bon chance to the users with miniupnpd (nat-pmp) installed/activated. From my perpective this thread can be closed then.