Port 5357 __hot__ Jun 2026

Port 5358 is used for the secure (HTTPS) variant of the same service.

When you open "Network" in Windows Explorer and see a list of available printers or computers, port 5357 is often the mechanism working in the background to provide that metadata via HTTP.

| Item | Detail | |------|--------| | Primary service | WSDAPI (Web Services for Devices) | | Transport | TCP | | Typical environment | Local LAN, Windows with WSD-enabled devices | | Risk if open to internet | Low to moderate (information disclosure) | | Recommended action | Block inbound on public/WAN interfaces; allow only on trusted LAN | port 5357

On Windows, you can also check the status of the dependent services:

A response might contain XML/SOAP metadata if the WSD service is active. Port 5358 is used for the secure (HTTPS)

When a Windows device boots up or connects to a network:

netstat -an | findstr :5357

Because Port 5357 is enabled by default on many versions of Windows (including Windows 10 and Windows Server), millions of machines were theoretically vulnerable simply by being connected to a network.

Port 5357 – WSDAPI (Web Services for Devices) - PentestPad When a Windows device boots up or connects