This post is the final part of this discussion (at least for now).
Again, I will reference Steve Gibson's Security Now podcast, this time episode 804.
In this episode, Steve describes how a NAT slipstreaming attack allows a remote attacker to trick the NAT into creating NAT traversal mappings to ANY device on the internal network.
This isn't good.
Armis discovered that routers' Application Layer Gateways (ALGs) have even more issues.
WebRTC TURN (Traversal Using Relay around NAT) connections can be established by browsers over TCP to any destination port. The browser's restricted-ports list was not consulted by this logic, and was therefore bypassed.
So what to do? I repeat the recommendation at the end of Part II. In your router, turn off as many of the ALG passthroughs as you can.
Good luck if you're using H.323.
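One way to check the recommendation above on a Linux-based router with shell access is to look for the kernel's connection-tracking helper modules, which implement the ALGs. This is an added example, not from the podcast or from Armis; the Linux/netfilter setup is an assumption, and the function names and the sample module listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: report netfilter ALG helper modules found in
# /proc/modules-style input (module name is the first field).
# Assumption: the router runs Linux and exposes a shell.

# Print the ALG helper modules present on stdin, one per line, sorted.
list_alg_helpers() {
    awk '$1 ~ /^nf_(conntrack|nat)_(ftp|tftp|sip|h323|irc|pptp|amanda)$/ { print $1 }' |
        LC_ALL=C sort -u
}

# Constructed sample listing, not captured from a real device.
sample_modules() {
    cat <<'EOF'
nf_conntrack_h323 77824 1 nf_nat_h323, Live 0x0000000000000000
nf_nat_h323 20480 0 - Live 0x0000000000000000
nf_conntrack_sip 36864 1 nf_nat_sip, Live 0x0000000000000000
nf_nat_sip 20480 0 - Live 0x0000000000000000
nf_conntrack 139264 5 nf_conntrack_h323,nf_conntrack_sip,nf_nat, Live 0x0000000000000000
nf_nat 45056 3 nf_nat_h323,nf_nat_sip,iptable_nat, Live 0x0000000000000000
xt_conntrack 16384 2 - Live 0x0000000000000000
EOF
}

# Read a module listing on stdin; return 0 if no ALG helper is loaded,
# 1 (and list them) if any is.
audit() {
    helpers=$(list_alg_helpers)
    if [ -z "$helpers" ]; then
        echo "no ALG helper modules loaded"
        return 0
    fi
    echo "ALG helper modules loaded:"
    echo "$helpers" | sed 's/^/  /'
    return 1
}

# On a real device: audit < /proc/modules
# Demonstration on the constructed sample:
sample_modules | audit || true
```

A helper compiled into the kernel does not appear in `/proc/modules`, so an empty result does not prove that no ALG is active; the router's own ALG settings still need to be checked.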