Universal Plug and Play (UPnP) is a set of networking protocols on the Internet Protocol (IP) that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and mobile devices, to seamlessly discover each other's presence on the network and establish functional network services. UPnP is intended primarily for residential networks without enterprise-class devices.
UPnP assumes the network runs IP, and then uses HTTP on top of IP to provide device/service description, actions, data transfer and event notification. Device search requests and advertisements are supported by running HTTP on top of UDP (port 1900) using multicast (known as HTTPMU). Responses to search requests are also sent over UDP, but are instead sent using unicast (known as HTTPU).
Conceptually, UPnP extends plug and play—a technology for dynamically attaching devices directly to a computer—to zero-configuration networking for residential and SOHO wireless networks. UPnP devices are plug-and-play in that, when connected to a network, they automatically establish working configurations with other devices, removing the need for users to manually configure and add devices through IP addresses. [1]
UPnP is generally regarded as unsuitable for deployment in business settings for reasons of economy, complexity, and consistency: the multicast foundation makes it chatty, consuming too many network resources on networks with a large population of devices; the simplified access controls do not map well to complex environments; and it does not provide a uniform configuration syntax such as the CLI environments of Cisco IOS or JUNOS.
The UPnP architecture allows device-to-device networking of consumer electronics, mobile devices, personal computers, and networked home appliances. It is a distributed, open architecture protocol based on established standards such as the Internet Protocol Suite (TCP/IP), HTTP, XML, and SOAP. UPnP control points (CPs) are devices which use UPnP protocols to control UPnP controlled devices (CDs). [2]
The UPnP architecture supports zero-configuration networking. A UPnP-compatible device from any vendor can dynamically join a network, obtain an IP address, announce its name, advertise or convey its capabilities upon request, and learn about the presence and capabilities of other devices. Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) servers are optional and are only used if they are available on the network. Devices can disconnect from the network automatically without leaving state information.
UPnP was published as a 73-part international standard ISO/IEC 29341 in December 2008. [3] [4] [5] [6] [7] [8]
Other UPnP features include:
UPnP uses common Internet technologies. It assumes the network must run Internet Protocol (IP) and then uses HTTP, SOAP and XML on top of IP, in order to provide device/service description, actions, data transfer and eventing. Device search requests and advertisements are supported by running HTTP on top of UDP using multicast (known as HTTPMU). Responses to search requests are also sent over UDP, but are instead sent using unicast (known as HTTPU). UPnP uses UDP due to its lower overhead in not requiring confirmation of received data and retransmission of corrupt packets. HTTPU and HTTPMU were initially submitted as an Internet Draft, but it expired in 2001; [9] these specifications have since been integrated into the actual UPnP specifications.
UPnP uses UDP port 1900, and all TCP ports that are subsequently used are derived from the SSDP alive and response messages. [10]
The foundation for UPnP networking is IP addressing. Each device must implement a DHCP client and search for a DHCP server when the device is first connected to the network. If no DHCP server is available, the device must assign itself an address. The process by which a UPnP device assigns itself an address is known within the UPnP Device Architecture as AutoIP. In UPnP Device Architecture Version 1.0, [3] AutoIP is defined within the specification itself; in UPnP Device Architecture Version 1.1, [4] AutoIP references IETF RFC 3927. If during the DHCP transaction, the device obtains a domain name, for example, through a DNS server or via DNS forwarding, the device should use that name in subsequent network operations; otherwise, the device should use its IP address.
Once a device has established an IP address, the next step in UPnP networking is discovery. The UPnP discovery protocol is known as the Simple Service Discovery Protocol (SSDP). When a device is added to the network, SSDP allows that device to advertise its services to control points on the network. This is achieved by sending SSDP alive messages. When a control point is added to the network, SSDP allows that control point to actively search for devices of interest on the network or listen passively to the SSDP alive messages of devices. The fundamental exchange is a discovery message containing a few essential specifics about the device or one of its services, for example, its type, identifier, and a pointer (network location) to more detailed information.
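The discovery exchange above, as an added example that is not part of the original article or of any UPnP stack: it builds the multicast M-SEARCH a control point sends to 239.255.255.250:1900, parses an SSDP alive message, derives the TCP endpoint of the device description from LOCATION (the port derivation the text mentions), and sanity-checks LOCATION before anything is fetched. The local subnet passed to the check and the sample alive message are constructed assumptions.

```python
import ipaddress
from urllib.parse import urlparse

SSDP_MCAST_ADDR = "239.255.255.250"  # well-known SSDP IPv4 multicast group
SSDP_PORT = 1900                     # UDP port SSDP listens on

def build_msearch(search_target="upnp:rootdevice", mx=2):
    """Build the HTTPMU M-SEARCH request a control point multicasts to find devices."""
    lines = [
        "M-SEARCH * HTTP/1.1",
        f"HOST: {SSDP_MCAST_ADDR}:{SSDP_PORT}",
        'MAN: "ssdp:discover"',
        f"MX: {mx}",             # seconds a device may delay its unicast HTTPU reply
        f"ST: {search_target}",  # search target: device or service type
        "", "",                  # empty line terminates the header block
    ]
    return "\r\n".join(lines).encode("ascii")

def parse_ssdp(datagram):
    """Parse an SSDP NOTIFY (alive/byebye) or a unicast HTTPU 200 response.

    Returns a dict with START_LINE plus upper-cased header names -> values.
    """
    head = datagram.decode("ascii", errors="replace").split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = {"START_LINE": lines[0]}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # skip malformed header lines rather than failing on them
            headers[name.strip().upper()] = value.strip()
    return headers

def description_endpoint(headers):
    """Derive the TCP endpoint (host, port, path) of the device description from LOCATION."""
    u = urlparse(headers["LOCATION"])
    return u.hostname, u.port or 80, u.path or "/"

def check_location(headers, sender_ip, local_net):
    """Sanity-check LOCATION before fetching it. Returns (ok, reason).

    local_net is the subnet the control point considers its own (an assumption
    of this example; a real control point would take it from its interface).
    """
    loc = headers.get("LOCATION")
    if not loc:
        return False, "no LOCATION header"
    u = urlparse(loc)
    if u.scheme != "http":
        return False, f"unexpected scheme {u.scheme!r}"
    try:
        host = ipaddress.ip_address(u.hostname)
    except ValueError:
        # A device that obtained a DNS name may advertise it instead of an IP;
        # a control point would then resolve it and apply the same checks.
        return False, "LOCATION host is not an IP literal"
    if host not in ipaddress.ip_network(local_net):
        return False, "LOCATION host is outside the local network"
    if host != ipaddress.ip_address(sender_ip):
        return False, "LOCATION host differs from the datagram's sender"
    return True, "ok"

# Constructed sample alive message (not captured from a real device).
SAMPLE_ALIVE = (
    b"NOTIFY * HTTP/1.1\r\n"
    b"HOST: 239.255.255.250:1900\r\n"
    b"CACHE-CONTROL: max-age=1800\r\n"
    b"LOCATION: http://192.168.1.1:49152/rootDesc.xml\r\n"
    b"NT: upnp:rootdevice\r\n"
    b"NTS: ssdp:alive\r\n"
    b"SERVER: SampleOS/1.0 UPnP/1.1 SampleStack/1.0\r\n"
    b"USN: uuid:00000000-0000-0000-0000-000000000001::upnp:rootdevice\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    hdrs = parse_ssdp(SAMPLE_ALIVE)
    print(hdrs["USN"], description_endpoint(hdrs),
          check_location(hdrs, "192.168.1.1", "192.168.1.0/24"))
```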
After a control point has discovered a device, the control point still knows very little about the device. For the control point to learn more about the device and its capabilities, or to interact with the device, the control point must retrieve the device's description from the location (URL) provided by the device in the discovery message. The UPnP Device Description is expressed in XML and includes vendor-specific manufacturer information like the model name and number, serial number, manufacturer name, (presentation) URLs to vendor-specific web sites, etc. The description also includes a list of any embedded services. For each service, the Device Description document lists the URLs for control, eventing and service description. Each service description includes a list of the commands, or actions, to which the service responds, and parameters, or arguments, for each action; the description for a service also includes a list of variables; these variables model the state of the service at run time and are described in terms of their data type, range, and event characteristics.
Having retrieved a description of the device, the control point can send actions to a device's service. To do this, a control point sends a suitable control message to the control URL for the service (provided in the device description). Control messages are also expressed in XML using the Simple Object Access Protocol (SOAP). Much like function calls, the service returns any action-specific values in response to the control message. The effects of the action, if any, are modeled by changes in the variables that describe the run-time state of the service.
Another capability of UPnP networking is event notification, or eventing. The event notification protocol defined in the UPnP Device Architecture is known as General Event Notification Architecture (GENA). A UPnP description for a service includes a list of actions the service responds to and a list of variables that model the state of the service at run time. The service publishes updates when these variables change, and a control point may subscribe to receive this information. The service publishes updates by sending event messages. Event messages contain the names of one or more state variables and the current value of those variables. These messages are also expressed in XML. A special initial event message is sent when a control point first subscribes; this event message contains the names and values for all evented variables and allows the subscriber to initialize its model of the state of the service. To support scenarios with multiple control points, eventing is designed to keep all control points equally informed about the effects of any action. Therefore, all subscribers are sent all event messages, subscribers receive event messages for all "evented" variables that have changed, and event messages are sent no matter why the state variable changed (either in response to a requested action or because the state the service is modeling changed).
The final step in UPnP networking is presentation. If a device has a URL for presentation, then the control point can retrieve a page from this URL, load the page into a web browser, and depending on the capabilities of the page, allow a user to control the device and/or view device status. The degree to which each of these can be accomplished depends on the specific capabilities of the presentation page and device.
UPnP AV architecture is an audio and video extension of UPnP, supporting a variety of devices such as TVs, VCRs, CD/DVD players/jukeboxes, set-top boxes, stereo systems, MP3 players, still image cameras, camcorders, electronic picture frames (EPFs), and personal computers. The UPnP AV architecture allows devices to support different types of formats for the entertainment content, including MPEG2, MPEG4, JPEG, MP3, Windows Media Audio (WMA), bitmaps (BMP), and NTSC, PAL or ATSC formats. Multiple types of transfer protocols are supported, including IEEE 1394, HTTP, RTP and TCP/IP. [11]
On 12 July 2006, the UPnP Forum announced the release of version 2 of the UPnP Audio and Video specifications, [12] with new MediaServer (MS) version 2.0 and MediaRenderer (MR) version 2.0 classes. These enhancements are created by adding capabilities to the MediaServer and MediaRenderer device classes, allowing a higher level of interoperability between products made by different manufacturers. Some of the early devices complying with these standards were marketed by Philips under the Streamium brand name.
Since 2006, versions 3 and 4 of the UPnP audio and video device control protocols have been published. [13] In March 2013, an updated UPnP AV architecture specification was published, incorporating the updated device control protocols. [11] UPnP Device Architecture 2.0 was released in April 2020.
The UPnP AV standards have been referenced in specifications published by other organizations including Digital Living Network Alliance Networked Device Interoperability Guidelines, [14] International Electrotechnical Commission IEC 62481-1, [15] and Cable Television Laboratories OpenCable Home Networking Protocol. [16]
Generally a UPnP audio/video (AV) architecture consists of: [17]
A UPnP AV media server is the UPnP-server ("master" device) that provides media library information and streams media-data (like audio/video/picture/files) to UPnP clients on the network. It is a computer system or a similar digital appliance that stores digital media, such as photographs, movies, or music and shares these with other devices.
UPnP AV media servers provide a service to UPnP AV client devices, so-called control points, for browsing the media content of the server and requesting that the media server deliver a file to the control point for playback.
UPnP media servers are available for most operating systems and many hardware platforms. UPnP AV media servers can either be categorized as software-based or hardware-based. Software-based UPnP AV media servers can be run on a PC. Hardware-based UPnP AV media servers may run on any NAS devices or any specific hardware for delivering media, such as a DVR. As of May 2008, there were more software-based UPnP AV media servers than there were hardware-based servers.
One solution for NAT traversal, called the Internet Gateway Device Control Protocol (UPnP IGD Protocol), is implemented via UPnP. Many routers and firewalls expose themselves as Internet Gateway Devices, allowing any local UPnP control point to perform a variety of actions, including retrieving the external IP address of the device, enumerating existing port mappings, and adding or removing port mappings. By adding a port mapping, a UPnP controller behind the IGD can enable traversal of the IGD from an external address to an internal client.
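The IGD actions described above, as an added example that is not part of the original article or of any router's firmware: it builds the SOAP control message for GetGenericPortMappingEntry on the WANIPConnection service, walks the mapping table the way a local control point enumerates existing mappings, and flags entries a home-network defender would want to review. The `post` callable, the stop condition it signals with `None`, the expected-client set and the sample response are constructed assumptions of this example.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

WANIP = "urn:schemas-upnp-org:service:WANIPConnection:1"  # IGD WANIPConnection service
SOAP_ENV = "http://schemas.xmlsoap.org/soap/envelope/"
SOAP_ENC = "http://schemas.xmlsoap.org/soap/encoding/"

def build_soap_action(service_type, action, args):
    """Return (HTTP headers, body) for a control message to a service's control URL."""
    in_args = "".join(f"<{k}>{escape(str(v))}</{k}>" for k, v in args.items())
    envelope = (
        '<?xml version="1.0"?>'
        f'<s:Envelope xmlns:s="{SOAP_ENV}" s:encodingStyle="{SOAP_ENC}">'
        f'<s:Body><u:{action} xmlns:u="{service_type}">{in_args}</u:{action}></s:Body>'
        "</s:Envelope>"
    )
    headers = {"Content-Type": 'text/xml; charset="utf-8"',
               "SOAPAction": f'"{service_type}#{action}"'}
    return headers, envelope.encode("utf-8")

def parse_action_response(xml_bytes):
    """Extract out-argument name -> value pairs from a SOAP action response."""
    root = ET.fromstring(xml_bytes)
    body = root.find(f"{{{SOAP_ENV}}}Body")
    if body is None or len(body) == 0:
        raise ValueError("response has no SOAP Body content")
    response = body[0]  # e.g. u:GetGenericPortMappingEntryResponse
    return {child.tag: (child.text or "").strip() for child in response}

def enumerate_mappings(post, service_type=WANIP):
    """Walk the IGD mapping table with GetGenericPortMappingEntry.

    post(headers, body) sends one control message and returns the response bytes,
    or None once the IGD rejects the index (a SOAP fault instead of a response).
    """
    mappings = []
    for index in range(1024):  # hard cap so a misbehaving IGD cannot loop forever
        headers, body = build_soap_action(
            service_type, "GetGenericPortMappingEntry", {"NewPortMappingIndex": index})
        reply = post(headers, body)
        if reply is None:
            break
        mappings.append(parse_action_response(reply))
    return mappings

def audit_mapping(mapping, expected_clients):
    """Flag properties of a mapping that deserve a second look on a home network."""
    findings = []
    if not mapping.get("NewRemoteHost"):
        findings.append("reachable from any remote host")
    if mapping.get("NewLeaseDuration") == "0":
        findings.append("permanent lease (no expiry)")
    client = mapping.get("NewInternalClient")
    if client not in expected_clients:
        findings.append(f"forwards to unexpected host {client}")
    return findings

# Constructed sample response (not captured from a real router).
SAMPLE_RESPONSE = b"""<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
 s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body>
<u:GetGenericPortMappingEntryResponse xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">
<NewRemoteHost></NewRemoteHost><NewExternalPort>3389</NewExternalPort>
<NewProtocol>TCP</NewProtocol><NewInternalPort>3389</NewInternalPort>
<NewInternalClient>192.168.1.50</NewInternalClient><NewEnabled>1</NewEnabled>
<NewPortMappingDescription>sample</NewPortMappingDescription>
<NewLeaseDuration>0</NewLeaseDuration>
</u:GetGenericPortMappingEntryResponse></s:Body></s:Envelope>"""

if __name__ == "__main__":
    replies = iter([SAMPLE_RESPONSE, None])
    for m in enumerate_mappings(lambda h, b: next(replies)):
        print(m["NewProtocol"], m["NewExternalPort"], "->", m["NewInternalClient"],
              audit_mapping(m, {"192.168.1.10"}))
```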
There are numerous compatibility issues due to differing interpretations of the very large, and in fact backward compatible, IGDv1 and IGDv2 specifications. One of them concerns the UPnP IGD client integrated into current Microsoft Windows and Xbox systems when used with certified IGDv2 routers. The compatibility issue has existed since the introduction of the IGDv1 client in Windows XP in 2001: with an IGDv2 router and no workaround, router port mapping is impossible. [19]
If UPnP is only used to control router port mappings and pinholes, there are alternative, newer, much simpler and more lightweight protocols, PCP and NAT-PMP, both of which have been standardized as RFCs by the IETF. These alternatives are not yet known to have compatibility issues between different clients and servers, but adoption is still low. For consumer routers, only AVM and the open-source router software projects OpenWrt, OPNsense, and pfSense are currently known to support PCP as an alternative to UPnP. AVM's Fritz!Box UPnP IGDv2 and PCP implementation has been very buggy since its introduction. In many cases it does not work. [20] [21] [22] [23] [24]
The UPnP protocol, by default, does not implement any authentication, so UPnP device implementations must implement the additional Device Protection service, [25] or implement the Device Security Service. [26] There also exists a non-standard solution called UPnP-UP (Universal Plug and Play - User Profile) [27] [28] which proposes an extension to allow user authentication and authorization mechanisms for UPnP devices and applications. Many UPnP device implementations lack authentication mechanisms, and by default assume local systems and their users are completely trustworthy. [29] [30]
When the authentication mechanisms are not implemented, routers and firewalls running the UPnP IGD protocol are vulnerable to attack. For example, Adobe Flash programs running outside the sandbox of the browser (this requires a specific version of Adobe Flash with acknowledged security issues) are capable of generating a specific type of HTTP request which allows a router implementing the UPnP IGD protocol to be controlled by a malicious web site when someone with a UPnP-enabled router simply visits that web site. [31] This only applies to the "firewall-hole-punching" feature of UPnP; it does not apply when the router/firewall does not support UPnP IGD or when UPnP IGD has been disabled on the router. Also, not all routers can have such things as DNS server settings altered by UPnP, because much of the specification (including LAN Host Configuration) is optional for UPnP-enabled routers. [6] As a result, some UPnP devices ship with UPnP turned off by default as a security measure.
In 2011, researcher Daniel Garcia developed a tool designed to exploit a flaw in some UPnP IGD device stacks that allow UPnP requests from the Internet. [32] [33] The tool was made public at DEFCON 19 and allows portmapping requests to external IP addresses from the device and internal IP addresses behind the NAT. The problem is widely propagated around the world, with scans showing millions of vulnerable devices at a time. [34]
In January 2013, the security company Rapid7 in Boston reported [35] on a six-month research programme. A team scanned for signals from UPnP-enabled devices announcing their availability for internet connection. Some 6900 network-aware products from 1500 companies at 81 million IP addresses responded to their requests. 80% of the devices were home routers; others included printers, webcams and surveillance cameras. Using the UPnP protocol, many of those devices can be accessed and/or manipulated.
In February 2013, the UPnP forum responded in a press release [36] by recommending more recent versions of the used UPnP stacks, and by improving the certification program to include checks to avoid further such issues.
UPnP is often the only significant multicast application in use in digital home networks; therefore, multicast network misconfiguration or other deficiencies can appear as UPnP issues rather than underlying network issues.
If IGMP snooping is enabled on a switch, or more commonly a wireless router/switch, it will interfere with UPnP/DLNA device discovery (SSDP) if incorrectly or incompletely configured (e.g. without an active querier or IGMP proxy), making UPnP appear unreliable.
Typical scenarios observed include a server or client (e.g. a smart TV) appearing after power on, and then disappearing after a few minutes (often 30 minutes in default configurations) due to its IGMP group membership expiring.
On 8 June 2020, yet another protocol design flaw was announced. [37] Dubbed "CallStranger" [38] by its discoverer, it allows an attacker to subvert the event subscription mechanism and execute a variety of attacks: amplification of requests for use in DDoS; enumeration; and data exfiltration.
OCF had published a fix to the protocol specification in April 2020, [39] but since many devices running UPnP are not easily upgradable, CallStranger is likely to remain a threat for a long time to come. [40] CallStranger has fueled calls for end-users to abandon UPnP because of repeated failures in security of its design and implementation. [41]
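The subscription mechanism CallStranger abuses is the GENA SUBSCRIBE request, whose CALLBACK header tells the device where to send NOTIFY messages. The device-side checks below are an added example, not code from the original article, from OCF, or from any UPnP stack: they accept a subscription only if every callback URL points back at the subscriber on the device's own subnet, and they bound how many subscriptions one host may hold so a single subscriber cannot turn the device into a NOTIFY amplifier. The subnet, the per-host limit and the sample headers are constructed assumptions of this example.

```python
import ipaddress
import re
from urllib.parse import urlparse

def callback_urls(callback_header):
    """CALLBACK carries one or more URLs, each enclosed in angle brackets."""
    return re.findall(r"<([^>]*)>", callback_header)

def vet_subscription(callback_header, subscriber_ip, local_net):
    """Decide whether a device should accept a SUBSCRIBE. Returns (accept, reasons).

    local_net is the subnet the device serves (assumed here; a real device would
    take it from its own interface configuration).
    """
    net = ipaddress.ip_network(local_net)
    subscriber = ipaddress.ip_address(subscriber_ip)
    reasons = []
    urls = callback_urls(callback_header)
    if not urls:
        reasons.append("CALLBACK header carries no <url>")
    for url in urls:
        u = urlparse(url)
        if u.scheme != "http":
            reasons.append(f"{url}: scheme must be http")
            continue
        try:
            host = ipaddress.ip_address(u.hostname)
        except ValueError:
            # Refusing names avoids NOTIFYs to whatever a name later resolves to.
            reasons.append(f"{url}: callback host must be an IP literal")
            continue
        if host not in net:
            reasons.append(f"{url}: callback host is outside {net}")
        elif host != subscriber:
            reasons.append(f"{url}: callback host differs from subscriber {subscriber}")
    return (not reasons), reasons

class SubscriptionTable:
    """Bounds the NOTIFY fan-out any single subscriber can provoke."""

    def __init__(self, max_per_host=4):  # limit chosen for this example
        self.max_per_host = max_per_host
        self.by_host = {}  # subscriber ip -> set of subscription ids (SIDs)

    def add(self, sid, subscriber_ip):
        sids = self.by_host.setdefault(subscriber_ip, set())
        if len(sids) >= self.max_per_host:
            return False
        sids.add(sid)
        return True

    def remove(self, sid, subscriber_ip):
        self.by_host.get(subscriber_ip, set()).discard(sid)

if __name__ == "__main__":
    # Constructed sample headers, not captured traffic.
    for cb in ("<http://192.168.1.20:5000/notify>", "<http://203.0.113.7/>"):
        print(cb, vet_subscription(cb, "192.168.1.20", "192.168.1.0/24"))
```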
The UPnP protocols were promoted by the UPnP Forum (formed in October 1999), [42] a computer industry initiative to enable simple and robust connectivity to standalone devices and personal computers from many different vendors. The Forum consisted of more than 800 vendors involved in everything from consumer electronics to network computing. Since 2016, all UPnP efforts have been managed by the Open Connectivity Foundation (OCF).
In the fall of 2008, the UPnP Forum ratified the successor to UPnP 1.0 Device Architecture, UPnP 1.1. [43] The Devices Profile for Web Services (DPWS) standard was a candidate successor to UPnP, but UPnP 1.1 was selected by the UPnP Forum. Version 2 of IGD is standardized. [44]
The UPnP Internet Gateway Device (IGD) [6] standard has a WANIPConnection service, which provides functionality similar to the IETF-standard Port Control Protocol. The NAT-PMP specification contains a list of the problems with IGDP [45]: 26–32 that prompted the creation of NAT-PMP and its successor PCP.
A number of further standards have been defined for the UPnP Device Architecture:
The Wi-Fi Alliance device type urn:schemas-wifialliance-org:device:WFADevice, with services related to the wireless access point.