81 million publically routable IPv4 endpoints have UPnP (which only makes sense LAN-side) open on the WAN side, and worse, most of those have a copy of the reference implementation with next to no security in it, thereby allowing a single UDP packet over 1900 to take over the router.
XNet's previously recommended hardware is among those affected, in particular the WAG310G, which also looks like it might also have it's admin portal open WAN-side too!
Various honeypot machines are seeing a daily increase in probes against this port - the threat is very real and definitely increasing!
Use the ShieldsUp service at grc.com ( https://www.grc.com/x/ne.dll?bh0bkyd2 ) to check if you are vulnerable, as it has a specific test for this.
If you are, join in the pressure to get XNet to block UDP:1900 as it is very unlikely the router makers are going to move fast on this as it'd involve admitting liability.
And should they release an update, how many affected customers would actually be able to successfully apply a firmware update - how many would just call it too hard..?