Should UPnP be disabled?

Apparently, routers are being hacked due to the vulnerability of having UPnP enabled.

Should it be disabled on GLI products by default as a precaution?

Original article here: https://www.wired.com/story/wikileaks-cia-router-hack/

Thanks for sharing. I wondered this too and had already disabled it in the latest (testing) release (it is enabled by default).

You are right. In the latest firmware v2.26 we already disabled WAN access but not upnd. This should be disabled in later firmware.

Is it still planned to disable this in next firmware? (I’m slightly paranoid lol). Also, your website is giving me a Privacy error (something going wrong with the SSL certificate).

@zimo, do you get a Privacy error for SSL now? I have tested but I don’t have this. We paid a lot of money for the SSL.

Yes, will disable in next firmware.

Hi @alzhao great to hear that. The SSL seems to be fine now.

FYI - Certificate for https://www.gl-inet.com is ok but https://us.gl-inet.com doesnt. Chrome gives error "This server could not prove that it is us.gl-inet.com its security certificate is from www.gl-inet.com.

@Craig, don’t use us.gl-inet.com, that is for use in China to visit our main server. We used different server for China and other countries.