UPnP brings security problems #2268

tijsmaas opened this issue on February 3, 2013
  1. tijsmaas commented at 8:16 PM on February 3, 2013: none

    UPnP is used in the bitcoin implementation. How can I be sure that hackers are not able to use this technology to discover my devices and do more nasty stuff? Would it not be better to use other, more secure technologies?

    see http://www.upnp-hacks.org/upnp.html for more info.

    If you don't see this as an issue, then delete this Issue.

  2. luke-jr commented at 9:05 PM on February 3, 2013: member

    I'm not aware of any security problems with using UPnP.

  3. laanwj commented at 9:16 PM on February 3, 2013: member

    As I understood, those vulnerabilities affect UPnP servers, not clients? In that case disabling it in bitcoin (which can already be done through a configuration option) makes you no safer, you need to disable it in your router.

    If there are also problems with the UPnP client library used by bitcoin (miniupnpc) then sure it makes sense to disable building with it by default...

  4. Diapolo commented at 6:07 AM on February 4, 2013: none

    @laanwj I'd vote for checking if we are using the current version or if there were known security issues with the one we use.

  5. laanwj commented at 7:36 AM on February 4, 2013: member

    Yes, I already looked but haven't been able to find any problems with miniupnpc, and the linked site (upnp-hacks) even recommends using the miniupnpd (server) stack by the same vendor. Thus there is no software issue on our side. There's no problem with using UPnP when it is already available on a network.

    However, in general, with so many buggy UPnP implementations around in routers, there may be wisdom in recommending against enabling it in the router configuration. If you know what you're doing it's always safest to manually forward single ports. But this would be a documentation/wiki thing, not a software issue...

    So I'm closing this issue.

  6. laanwj closed this on Feb 4, 2013

  7. bitcoin locked this on Sep 8, 2021

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-20 06:55 UTC