Leaving port forwarding enabled can expose the organization to security risks and backdoors.

For example, if a server intended to only provide SFTP file transfers allows port forwardings, those forwardings might be used to gain unintended access into the internal network from the Intranet.