NotBOUT 0 Posted November 21, 2023 Posted November 21, 2023 I am a little concerned that when I installed Emby, it somehow was able to access my router and add port forwarding rules without having been provided a password. Can someone explain how this happened?
Abobader 3464 Posted November 21, 2023 Posted November 21, 2023 Hello NotBOUT, ** This is an auto reply ** Please wait for someone from staff support or our members to reply to you. It's recommended to provide more info, as it explain in this thread: Thank you. Emby Team
GrimReaper 4744 Posted November 21, 2023 Posted November 21, 2023 (edited) 3 minutes ago, NotBOUT said: I am a little concerned that when I installed Emby, it somehow was able to access my router and add port forwarding rules without having been provided a password. Can someone explain how this happened? You've enabled Automatic port mapping during initial setup. You can just as easily disable it in Settings>Network tab. Edit: You can also disable UPnP in your router so no application could create port forwarding rules without your explicit permission. Edited November 21, 2023 by GrimReaper Append
NotBOUT 0 Posted November 21, 2023 Author Posted November 21, 2023 I enabled it, but I did not provide any credentials for it to do so.
GrimReaper 4744 Posted November 21, 2023 Posted November 21, 2023 Just now, NotBOUT said: I enabled it, but I did not provide any credentials for it to do so. It doesn't need it. 1 minute ago, GrimReaper said: You can also disable UPnP in your router so no application could create port forwarding rules without your explicit permission.
NotBOUT 0 Posted November 21, 2023 Author Posted November 21, 2023 Thanks. I will disable that protocol and reinstall to see if it happens again. A bit scary if UPnP allows this as I think it means anyone could write a server into their application that would have full access to my desktop information.
GrimReaper 4744 Posted November 21, 2023 Posted November 21, 2023 6 minutes ago, NotBOUT said: A bit scary if UPnP allows this https://www.upguard.com/blog/what-is-upnp
pwhodges 2012 Posted November 21, 2023 Posted November 21, 2023 By concentrating on "devices" (meaning stand-alone equipment) that article rather glosses over the fact that a PC is also a device, and one which can be infected through other routes by malware that can then use uPNP to open it up further to arbitrary exploitation. At least some routers now come with it disabled by default, but the only way to be sure is to check it yourself. Paul
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now