Akamai upnproxy blackhat proxies via nat injections

As there is another router flaw, and as the document shows OpenWRT to be vulnerable, I'm asking: is LEDE 17.04 vulnerable?

My understanding is that the UPnP protocol is vulnerable. If you don't install and run UPnP-based software on your device, you are not exposed to this vulnerability.

To test if you have installed and enabled it, see: https://www.grc.com/su/upnp-rejected.htm

Click on the Sample Page warning to access the test.

UPnP should never be enabled, period, as it is not, and has never been, secure.

  • It takes all of a few minutes to look up ports that need to be forwarded for the handful of devices requiring port forwarding.

That's weird, AFAIK OpenWrt/LEDE does not install upnp-daemon by default, you'd have to install it manually and configure it. Even when installed, it is not enabled until you explicitly enable it.

Saying that OpenWrt is vulnerable to this is like saying that OpenWrt is vulnerable to an open/passwordless SSID. If you configure it that way, then it may be vulnerable. Just like you can misconfigure any device/service if you really have your mind set on it -- you can configure OpenWrt to expose an admin Web UI to the WAN as well, does it make it insecure?

I do use miniupnpd, but I do configure it and restrict which local devices have access to request which ports (and of course do not expose it on WAN) and the grc.com test just reported: "THE EQUIPMENT AT THE TARGET IP ADDRESS DID NOT RESPOND TO OUR UPnP PROBES! (That's good news!)". That's on LEDE 17.01.4.

But in general -- firewalls are there for a reason and as @JW0914 just said -- letting local devices/services punch holes in them (firewalls) at will is not secure. :wink:

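An added example, not written by any poster in this thread and not OpenWrt project code: a small Python check for the kind of miniupnpd restrictions the last post describes, run over a constructed `/etc/config/upnpd` sample. The option names (`enabled`, `secure_mode`, `perm_rule` with `action`, `ext_ports`, `int_addr`) are those of OpenWrt's miniupnpd package; the sample values, the function names and the simplified parser are assumptions made for illustration.

```python
import re

# Constructed sample in the UCI layout of /etc/config/upnpd (not from the thread).
SAMPLE = """
config upnpd 'config'
    option enabled '1'
    option secure_mode '0'

config perm_rule
    option action 'allow'
    option ext_ports '1024-65535'
    option int_addr '0.0.0.0/0'  # any LAN host

config perm_rule
    option action 'allow'
    option ext_ports '3074'
    option int_addr '192.168.1.50/32'
"""

def parse_uci(text):
    """Return [(section_type, {option: value}), ...] in file order."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments (simplified)
        if m := re.match(r"config\s+(\S+)", line):
            sections.append((m.group(1), {}))
        elif (m := re.match(r"option\s+(\S+)\s+(.+)", line)) and sections:
            sections[-1][1][m.group(1)] = m.group(2).strip().strip("'\"")
    return sections

def audit(text):
    sections = parse_uci(text)
    main = next((o for t, o in sections if t == "upnpd"), {})
    rules = [o for t, o in sections if t == "perm_rule"]
    if main.get("enabled") != "1":
        return []  # daemon not enabled, nothing to restrict
    findings = []
    if main.get("secure_mode") != "1":
        findings.append("secure_mode off: clients may map ports to other hosts")
    for i, r in enumerate(rules):
        if r.get("action") == "allow" and r.get("int_addr", "").endswith("/0"):
            findings.append(f"perm_rule {i}: allow applies to every LAN address")
    last = rules[-1] if rules else {}
    if (last.get("action"), last.get("ext_ports")) != ("deny", "0-65535"):
        findings.append("last perm_rule is not a catch-all deny")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "no findings")
```

The check covers the configuration file only; whether the router answers UPnP probes from the WAN side is what the grc.com test linked earlier in the thread reports.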