Good Day, All

I’m running Avast Premier on a new Windows 10 machine and keep receiving a vulnerability issue on my Wi-fi scans for my WD My Cloud drive:

“Your Device is not configured properly”

and when I review the issue I’m getting this:

“UPNP: Service is vulnerable to attack within your network
Risks: Attacked can execute their own code on this device.
Attackers could completely control this device’s system
Type:UPNP
Port:4XXXX
Vulnerability ID: CVE-012-5958”

Both my router and My Book are running current up-to-date firmware.
I set the router to Disable UPNP.
I turned off cloud access on the My Book.
Yet this warning persists. Any one have suggestions on what to do next? I can’t figure out why the issue persists.
I don’t have any ports configure to open (or at least don’t remember setting any that way), so I’m stumped.

Thank is advance for any help!

Try running this online test: https://www.grc.com/x/ne.dll?bh0bkyd2 When you click this link, click ‘Proceed’. Next click UPNP.

Report back results with an attached screenshot.

What is UPNP?: https://duckduckgo.com/?q=what+is+upnp%3F&t=ffab&ia=web
https://www.howtogeek.com/122487/htg-explains-is-upnp-a-security-risk/

Thank you for responding!

The test came back:

Universal Plug n’Play (UPnP)
Internet Exposure Test
This Internet probe sends up to ten (10) UPnP Simple Service Discovery Protocol (SSDP) M-SEARCH UDP packets, one every half-second, to our visitor’s current IPv4 address (98.XXX.XXX.XX) in an attempt to solicit a response from any publicly exposed and listening UPnP SSDP service. The UPnP protocols were never designed to be exposed to the public Internet, and any Internet-facing equipment which does so should be considered defective, insecure, and unusable. Any such equipment should be disconnected immediately.

Your equipment at IP:

98.XXX.XXX.XX

Is now being queried:

THE EQUIPMENT AT THE TARGET IP ADDRESS
DID NOT RESPOND TO OUR UPnP PROBES!
(That’s good news!)

Thank you for that. What you did was to confirm your router is set properly re UPNP and is not vulnerable.

See this topic about WD My Cloud issues here: https://community.wd.com/t/cve-2012-5958-on-wd-my-cloud/211161

I’d like to point out I do not run WD My Cloud software, nor do I have experience with it but, please, scroll down to the last post for a possible answer. (Note date of post is July 2017 so issue is at least one year old and, at least one other Avast user has encountered this issue).

Apparently you can disable remote access in My Cloud Dashboard to mitigate your vulnerability, but all Avast is doing is, is telling you WD has not yet fixed it yet. Don’t shoot the messenger.

Reboot your system and run the Avast troubleshooter again after making your changes and report back.