To understand the risk, you must first understand the service.
It allows a client to discover and use remote devices/services over a network. The Devices Profile for Web Services (DPWS) standar... SonicWall Port 5357 – WSDAPI (Web Services for Devices) - PentestPad Service: http. TCP. 5357. Used for: Port 5357 (TCP) is used by Microsoft WSDAPI to discover and communicate with devices like prin... PentestPad To Block or Not to Block : Port 445 and 5357 - Wilders Security Forums Jan 5, 2011 — 5357/tcp open wsdapi
: Like many discovery protocols, it can sometimes be exploited for reflection or amplification attacks, though this is less common than with UDP-based services. How to Manage or Close Port 5357 To understand the risk, you must first understand
wsdapi on port 5357 is used for:
When this port is "open," it means the Web Services Discovery service is active and listening for incoming HTTP requests to identify or manage network-connected hardware. Why is Port 5357 Open? SonicWall Port 5357 – WSDAPI (Web Services for
The service uses XML parsing. An attacker could send malformed XML packets or huge SOAP envelopes to consume CPU resources on the target machine, potentially freezing the discovery services or the entire host.