I've installed XAMP on my computer and used both Apache and MySQL services.
However, what i have realized is that MySQL's bind_address is set to 0.0.0.0 by default, meaning it allows connections from all interfaces.
I can confirm that XAMPP adds 2 Firewall rules, which allow inbound connections on to that port - 3306. I have also checked user accounts and now can confirm, that root can be accessed only from localhost, but i have created another user, which can be accessed from anywhere (it has strong password).
But this means that XAMPP has done everything to allow remote connections to the server and now my question is, does it use UpNp to add port forwarding on the router? Because if it does, or does something similar, it basically lets anyone connect to your MySQL server from Internet by default, once ran.
Then i'm not sure, but i believe that MySQL CLI has the ability to read and make files when privileged to do so, but can it also run files, such as basic executables?