> All of this a disaster waiting to happen because of UPnP (ugh, how many home routers have this enabled...)
The problem is shitty UPnP implementations rather than UPnP itself. If you're pwned you are fucked one way or another, if an online device is vulnerable it's going to be vulnerable wether it exposes itself through UPnP or if it's manually forwarded.
And in the end if you don't like it and want to do your own manual forwarding in a home router, you're free to disable it.
The problem is shitty UPnP implementations rather than UPnP itself. If you're pwned you are fucked one way or another, if an online device is vulnerable it's going to be vulnerable wether it exposes itself through UPnP or if it's manually forwarded.
And in the end if you don't like it and want to do your own manual forwarding in a home router, you're free to disable it.