Security News > 2022 > April > QNAP urges customers to disable UPnP port forwarding on routers
Taiwanese hardware vendor QNAP urged customers on Monday to disable Universal Plug and Play port forwarding on their routers to prevent exposing their network-attached storage devices to attacks from the Internet.
UPnP Port Forwarding allows network devices to communicate seamlessly and create groups for easier data sharing.
"Hackers can abuse UPnP to attack through malicious files to infect your system and gain control. Despite its convenience, UPnP may expose your device to public networks and malicious attacks," QNAP said today.
"It is recommended that your QNAP NAS stay behind your router and firewall without a public IP address. You should disable manual port forwarding and UPnP auto port forwarding for QNAP NAS in your router configuration."
Disable the Port Forwarding function of the router: Go to the management interface of your router, check the Virtual Server, NAT, or Port Forwarding settings, and disable the port forwarding setting of NAS management service port.
Disable the UPnP function of the QNAP NAS: Go to myQNAPcloud on the QTS menu, click the "Auto Router Configuration," and unselect "Enable UPnP Port forwarding."