Is OpenWRT susceptible to the CallStranger UPnP issue if the UPnP service is installed?
From your quoted web-page
" Not Vulnerable Devices
- miniupnpd >1.6 (2011)"
The earliest version of miniupnpd I can find in openwrt (and it started off life in the 'routing' package feed, not the main package feed) is:
commit ff3dddf2da7efbd25e7accc80366480cb3f39611
Author: Markus Stenberg <markus.stenberg@iki.fi>
Date: Fri May 30 13:11:49 2014 +0300
miniupnpd: Added based on latest 20140523 version + IPv6 pinhole/SSL compilation patches.
May 2014 > 2011.