Over 80 million unique IPs were identified that responded to UPnP discovery requests from the internet. The risk is an attacker could “execute arbitrary code on the device or cause a denial of service,”, it could install malware on victim’s computer. Rapid7 has also provided a free vulnerability scanner, ScanNow UPnP, that can identify exposed UPnP endpoints in your network.