Author: Wladimir J. van der Laan 2015-10-12 17:17:50
Published on: 2015-10-12T17:17:50+00:00
Bitcoin Core users are being warned to disable UPnP (Universal Plug and Play) in the software as soon as possible due to a vulnerability that could be used to remotely crash nodes. The issue arises because Bitcoin Core automatically listens for incoming connections using UPnP, meaning that malicious actors could potentially use it to scan for open ports and carry out distributed denial of service (DDoS) attacks on machines running the software. Upgrading to 0.11.1rc2 or 0.10.3rc2 will solve the issue as they include a newer libupnpc, but are still in the release candidate cycle. Users are advised to disable UPnP to prevent any attacks.
Updated on: 2023-06-11T00:06:01.188589+00:00