NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

pacey_E's avatar
pacey_E
Aspirant
Jun 05, 2013

Vulnerability Scan - Port 23 Open

According to the manual, the default Inbound rule is Block All; however, when I ran NMap TCP Connect Scan against the WAN IP, I was shocked to see some ports open. Does this mean that PCs in the same subnet can connect to my router?

Here's the result of the scan on WAN IP:

PORT    STATE    SERVICE

23/tcp  open telnet
80/tcp  open     http
81/tcp  open     hosts2-ns
443/tcp open     https


Now here's the result of the scan on the router's private IP that I assigned:

PORT    STATE    SERVICE

23/tcp  open     telnet
80/tcp  open     http
81/tcp  open     hosts2-ns
140/tcp filtered unknown
443/tcp open     https


Then, I created a new Inbound rule to block access to Port 23 and the scan on WAN IP result is as follows:

PORT    STATE    SERVICE

23/tcp  filtered telnet
80/tcp  open     http
81/tcp  open     hosts2-ns
443/tcp open     https


Thanks for your help.

5 Replies

  • pacey_E's avatar
    pacey_E
    Aspirant
    Jun 05, 2013
    I forgot to mention the model number and firmware version:

    System Name: FVG318_NETGEAR
    Firmware Version: v2.1.2-67N
  • fordem's avatar
    fordem
    Mentor
    Jun 05, 2013
    Where was the machine running the scan PHYSICALLY connected? If you scan the WAN ip address whilst physically connected to the LAN side of the firewall, you will get erroneous results.
  • pacey_E's avatar
    pacey_E
    Aspirant
    Jun 07, 2013
    Thanks, guys!

    I'll run another set of test. I'll keep you posted.
  • pacey_E's avatar
    pacey_E
    Aspirant
    Jun 09, 2013
    I ran another isolated test (not from the LAN side) and the result is the same. Standard port scanning will show no ports are open, but hen TCP connect scan was performed, ports 23, 443, 80 showed as open.

    The worst part was I can telnet and access the Wewb administration page from the WAN side which makes it vulnerable for exploit.

    Here's the same issue with another Netgear product:

    http://www.cvedetails.com/cve/CVE-2012-2439/

    I have to create an inbound rule to block incoming traffic for ports 23, 443, and 80 as a workaround.

    I hope this will be addressed soon.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More