NAT-PMP Detection (remote network)

high Nessus Plugin ID 73124

Synopsis

Nessus was able to obtain information about the remote network.

Description

The remote device has the NAT-PMP protocol enabled. This protocol may allow any application on an internal subnet to request port mappings from the outside to the inside.

If this service is reachable from the outside your network, it may allow a remote attacker to gain more information about your network and possibly to break into it by creating dynamic port mappings.

Solution

Filter incoming traffic to UDP port 5351.

Plugin Details

Severity: High

ID: 73124

File Name: nat_pmp_remote.nasl

Version: 1.5

Type: remote

Published: 3/20/2014

Updated: 3/6/2019

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Reference Information

CERT: 184540