Home
 » ISP News » 
Sponsored Links

Consumer Broadband ISP Routers Exposed via New Backdoor Exploit

Tuesday, Jan 7th, 2014 (1:12 pm) - Score 4,780
security_broadband_isp_routers

Broadband ISP customers that own some models of Cisco, Netgear, Linksys or certain other routers could be vulnerable to a new backdoor exploit that allows a hacker to remotely input their own admin password and possibly gain full access to your network.

The hack, which has been published by Eloi Vanderbeken on Github (note: more details via Hacker News), is increasingly believed to be common among devices that were physically manufactured, on behalf of the big router firms, by Sercomm.

Vanderbeken noted that many of these devices, such as for example Netgear’s DGN2000 and DG834B, appeared to be listening on an undocumented service via TCP port 32764 (note: not all models will listen via this port over the Internet / WAN but some do).

A little reverse engineering later and Vanderbeken found that he could send commands to the router via this port and without needing an administrator’s password. At this stage his access was still limited but it didn’t take him long to figure out how to reset the admin password for full access.

Backdoor confirmed in (LISTENING ON THE INTERNET):

  • Cisco WAP4410N-E 2.0.1.0, 2.0.3.3, 2.0.4.2, 2.0.6.1 (issue 44)
  • Linksys WAG120N (@p_w999)
  • Netgear DG834B V5.01.14 (@domainzero)
  • Netgear DGN2000 1.1.1, 1.1.11.0, 1.3.10.0, 1.3.11.0, 1.3.12.0 (issue 44)
  • OpenWAG200 maybe a little bit TOO open 😉 (issue 49)

Backdoor confirmed in:

The exploit is also believed to be present in a number of other routers, although we’ve only listed the fully confirmed ones above. On some models the simplest solution to this exploit is to create a new Firewall Rule in your router that blocks access to TCP 32764, although it’s noted that this didn’t appear to work on the Cisco RVS4000 and others may share a similar problem.

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
Mark-Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook and .
Search ISP News
Search ISP Listings
Search ISP Reviews

Comments are closed

Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
NOW UK ISP Logo
NOW £25.00
100Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £26.00
132Mbps
Gift: None
Vodafone UK ISP Logo
Vodafone £26.50 - 27.00
150Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £27.99
145Mbps
Gift: None
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £17.00
200Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
BeFibre UK ISP Logo
BeFibre £19.00
150Mbps
Gift: None
YouFibre UK ISP Logo
YouFibre £22.99
150Mbps
Gift: None
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Large Availability | View All
The Top 15 Category Tags
  1. FTTP (5706)
  2. BT (3562)
  3. Politics (2595)
  4. Openreach (2340)
  5. Business (2316)
  6. Building Digital UK (2273)
  7. FTTC (2060)
  8. Mobile Broadband (2036)
  9. Statistics (1825)
  10. 4G (1722)
  11. Virgin Media (1671)
  12. Ofcom Regulation (1490)
  13. Fibre Optic (1422)
  14. Wireless Internet (1415)
  15. FTTH (1383)
Promotion
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact
Mastodon