While you’re opening most outbound UDP ports for just the switch, a uPnP vulnerability has the possibility of letting an attacker open ports, especially inbound registered ports (SSH, RDP, etc), for all devices.

If you do everything right (wifi client isolation, if your WAP has that option) opening the port for the switch is “essentially” as safe as it can be. The safest being Nintendo listing their public IPs but I think switch games use P2P which is why they don’t.

deleted by creator

Yeah, that’s just basically every unregistered UDP port… Not much you can do about it since Nintendo has struggled to understand the internet and its uses since the Famicom.

And no, for the love of God don’t enable uPnP. It’s still pretty much the worst thing you can do.