There’s some 81 million unique IP addresses that expose UPnP functionality from the internet, and more than 6900 different devices are potentially vulnerable, at least, to being hacked from the outside. This means, theoretically, that your router could end up being hacked to forward ports from the outside world, which leaves you open to more hacking.
The simple answer is to disable UPnP on your wireless router. Since each router is different, you’ll need to login to your wireless router’s admin panel (use the manual to figure that out), and then find the UPnP setting. If you’ve forgotten the password, check out our article on how to access your router even if you forgot the password.
Security Flaws in Universal Plug and Play: Unplug, Don’t Play [SecurityStreet | Rapid7]