Need cloud computing? Get started now

Products

Cloud Computing
Security
Content Delivery
All Products and Trials
Global Services

Cloud Computing

Compute

Build, release, and scale faster with VMs for every workload

Networking

Secure your network, balance traffic, control your infrastructure

Containers

Efficiently orchestrate containerized applications

Developer Tools

Get the most out of your applications with advanced management tools

Storage

Deploy dependable, easily accessible storage and management

Databases

Scale easily with simple and reliable managed databases

Create a Cloud Account

Security

App and API Security

Discover and monitor API behavior to respond to threats and abuse

App & API Protector

Protect web apps and APIs from DDoS, bots, and OWASP Top 10 exploits

Client-Side Protection & Compliance

Assist with PCI compliance and protect against client-side attacks

Zero Trust Security

Akamai Guardicore Platform

One Zero Trust platform for coverage, visibility, and granular control.

Akamai Guardicore Segmentation

Mitigate risk in your network with granular, flexible segmentation

Secure Internet Access

Proactively protect against zero-day malware and phishing

Stop the most evasive threats with proactive threat hunting

Enterprise Application Access

Granular application access based on identity and context

Harden against account takeovers and data breaches with phish-proof MFA

Bot & Abuse Protection

Account Protector

Mitigate account abuse and grow your digital business

Content Protector

Stop scrapers, protect intellectual property, and increase conversion

Brand Protector

Detect and mitigate fraudulent representations of your brand

Welcome the bots you want and mitigate those you don’t

Add secure, cloud-based identity management to your websites or apps

INFRASTRUCTURE SECURITY

External authoritative solution for your DNS infrastructure

Protect your infrastructure from distributed denial-of-service attacks

Content Delivery

APPLICATION PERFORMANCE

Improve the performance and reliability of your website at scale

API Acceleration

Improve the performance and reliability of your APIs at scale

MEDIA DELIVERY

Adaptive Media Delivery

High-quality video delivery for any screen to global audiences

Download Delivery

Deliver large file downloads flawlessly, every time, at global scale

EDGE APPLICATIONS

Execute custom JavaScript at the edge, near users, to optimize UX

Distributed key-value store database at the edge

Image & Video Manager

Automatically optimize images and video for every user, on any device

Predefined apps that run at the edge for specific business needs

Use an efficient caching layer to improve origin offload

Global Traffic Management

Optimize performance with intelligent load balancing

MONITORING, REPORTING, AND TESTING

Low-latency data feed for visibility and ingest into third-party tools

Measure the business impact of real user experiences in real time

Site and application load testing at global scale

Solutions

Use Cases
Industry Solutions

Use Cases

CLOUD COMPUTING

Deliver an engaging, interactive video experience

Build with portability, performance, and efficiency from cloud to client

Improve the gamer experience with low latency and high availability

SECURITY

Protect your brand by securing apps and APIs from persistent threats

Solutions for comprehensive coverage, visibility and control

DDoS Protection

Protect your infrastructure from DDoS and DNS attacks

Bot & Abuse Protection

Stop account abuse, sophisticated bot attacks, and brand impersonation

CONTENT DELIVERY

App and API Performance

Improve user engagement through app & API optimization

Deliver seamless streaming and download experiences to any device

Build and deploy on the world’s most distributed edge platform

Industry Solutions

Why Akamai

Why Akamai

Discover Akamai Connected Cloud

Our Platform

Explore our global infrastructure

Company

See how we power and protect life online

Resources

Library

Learn

Educational resources and training for Akamai products and services

Key concepts in security, cloud computing, and content delivery

Security Research

Akamai Security Research

Insights and intelligence from the Akamai Security Intelligence Group

State of the Internet (SOTI) Reports

In-depth analysis of the latest cybersecurity research and trends

Partners

Find a Partner
Become a Partner
Cloud Computing Marketplace

Find a Partner

Why Choose an Akamai Partner

Learn about our industry-leading ecosystem of partners

Partner Directory

Find a channel or technology partner

Become a Partner

Contact Us

Contact Sales

Have questions? We can help.

Customer Support

Need technical support? We are here 24/7.

Dark background with blue code overlay

Blog

Akamai Blog | Universal Plug and Play (UPnP): What You Need to Know

Akamai Wave Blue

Written by

January 27, 2022

Akamai Wave Blue

Written by

Share

Originally posted April 2018, updated in 2022

Universal Plug and Play (UPnP) is a widely used protocol with a decade-long history of flawed implementations across a wide range of consumer devices. In this paper, we will cover how these aws are still present on devices, how these vulnerabilities are actively being abused, and how a feature/vulnerability set that seems to be mostly forgotten could lead to continued problems in the future with DDoS, account takeover, and malware distribution.

Readers must be aware that this is an active vector currently in use to conceal the traffic of attackers. The location of the origin of the traffic is effectively hidden by using vulnerable devices as proxies. Carriers and ISPs need to be aware of the vulnerability, as end users and customers may appear to be hosting content or the source of attacks when the responsible party is actually behind one or several layers of compromised routers. Law enforcement officers should be advised that, similar to other types of proxies, UPnProxy has the potential to make their jobs harder by adding another layer of obfuscation to traffic from criminal actors.

Read the full research paper

Share

Akamai Wave Blue

Written by

January 27, 2022

Akamai Wave Blue

Written by

Related Blog Posts

A good bot management strategy will allow you to take action on one specific bot within a category.

A good bot management strategy will allow you to take action on one specific bot within a category.

Managing AI Bots as Part of Your Overall Bot Management Strategy

November 20, 2024

Learn about the potential impacts of AI bots and the importance of having a holistic bot management strategy.

by Ilia Bromberg and Christine Ferrusi Ross

Read more

A primary goal of Zero Trust is to minimize the attack surface — and microsegmentation is key to achieving this.

A primary goal of Zero Trust is to minimize the attack surface — and microsegmentation is key to achieving this.

Segmenting Hybrid Clouds: What to Look for in a Solution

November 19, 2024

Learn how to select a microsegmentation solution to fortify your organization’s cloud security strategies and protect your assets across multiple public clouds.

by Jacob Abrams

Read more

Proactive, holistic ransomware prevention and protection measures are crucial to your enterprise’s continued success.

Proactive, holistic ransomware prevention and protection measures are crucial to your enterprise’s continued success.

Five Ways to Prevent and Protect Against Ransomware Attacks

November 18, 2024

Ransomware is a pervasive threat to modern enterprises. Learn five key ransomware prevention strategies to protect your business, customers, and data.

by Jacob Abrams

Read more