This indicates an attack attempt to exploit a Security Bypass vulnerability in a Router or Gateway with UPnP services enabled.
The vulnerability is due to an design flaw when the vulnerable software attempts to handles a crafted XML UPnP configuration file. An attacker can exploit this to bypass vulnerable router or gateway access restrictions via a specially crafted XML UPnP configuration file to form a proxy.
Router or Gateway with UPnP services enabled
Security Bypass: Remote attackers can bypass security mechanism on vulnerable systems and open a port to the public
There are two possible actions:
1 Disabled UPnP service
2 Monitor port opened in the router or gateway. If any open port without authenticated was found, close this port.