Should UPnP be disabled?

zimo · 2017-06-18T18:39:54.000Z

Apparently, routers are being hacked due to the vulnerability of having UPnP enabled.

Should it be disabled on GLI products by default as a precaution?

Original article here: https://www.wired.com/story/wikileaks-cia-router-hack/

glitch · 2017-06-19T00:44:18.000Z

Thanks for sharing. I wondered this too and had already disabled it in the latest (testing) release (it is enabled by default).

alzhao · 2017-06-20T14:50:50.000Z

You are right. In the latest firmware v2.26 we already disabled WAN access but not upnd. This should be disabled in later firmware.

zimo · 2017-08-02T00:39:22.000Z

Is it still planned to disable this in next firmware? (I’m slightly paranoid lol). Also, your website is giving me a Privacy error (something going wrong with the SSL certificate).

alzhao · 2017-08-02T12:52:42.000Z

@zimo, do you get a Privacy error for SSL now? I have tested but I don’t have this. We paid a lot of money for the SSL.

Yes, will disable in next firmware.

zimo · 2017-08-02T19:42:38.000Z

Hi @alzhao great to hear that. The SSL seems to be fine now.

craig-iinglis · 2017-08-06T23:45:21.000Z

FYI - Certificate for https://www.gl-inet.com is ok but https://us.gl-inet.com doesnt. Chrome gives error "This server could not prove that it is us.gl-inet.com its security certificate is from www.gl-inet.com.

alzhao · 2017-08-08T17:48:06.000Z

@Craig, don’t use us.gl-inet.com, that is for use in China to visit our main server. We used different server for China and other countries.