Comment by jech
4 days ago
> Correct me if I'm wrong, but UPnP requires my ESP32 to initiate communication.
Not quite. Using UPnP, any host on your internal network can open a port for any other host. You may be thinking of NAT-PMP.
Additionally, by default UPnP mappings don't expire (unlike NAT-PMP mappings), so if a host crashes with an open port and your ESP32 inherits its IPv4 address, it will be exposed to the Internet.
Actually I've never heard of NAT-PMP, so I'm just wrong ))
Thank you. I never considered the reused address vulnerability.