Genie R6200v2 - Botnet Vulnerability on Port 7547

Question

Could someone at Netgear explain to me why port 7547 is open to the outside internet? This port is for CPE WAN Management Protocol (CWMP), apparently. I have remote management turned off. Due to the recent botnet attacks I had an external scan done on my network and this port was found to be open.

Is this something that is open on the router itself and if so how do I turn this off? A basic Google search shows that this port can be used for malicious purposes and could definitely be an exploit. I changed the password when I first installed the router but I'm concerned as to why this port would be open.

DexterJB · Answer

Hi Chromag9,

&nbsp;

1. How did you perform the test?

2. Please provide screenshots if possible.

3. What is the firmware version of the router?

4. Were you able to test other firmware versions?

&nbsp;

Regards,

&nbsp;

Dexter

Community Team

DexterJB · Answer

Hi Chromag9,

&nbsp;

I would like to follow up and check if you are still experiencing the issue.

&nbsp;

Regards,

&nbsp;

Dexter

Community Team

Chromag9 · Answer

Hi Dexter. &nbsp;Sorry for the delay. &nbsp;I used the following site posted on Lifehacker about testing your network for possible IoT vulnerabilities:&nbsp;http://iotscanner.bullguard.com/&nbsp;I retested my network this evening and it's saying I'm protected and port 7547 is no longer showing up. &nbsp;A bit odd that it was showing up and now it's not.&nbsp;I'm using the Genie&nbsp;R6200v2. &nbsp;Firmware&nbsp;AV1.0.3.10_10.1.10. &nbsp;When I check for updates it says I'm running the latest version.&nbsp;Thanks!

DexterJB · Answer

Hi Chromag9,

&nbsp;

Thank you for responding. Good to know that. We have done our own tests and did not encounter the issue. Please keep us posted if anything of this nature comes up.

&nbsp;

Regards,

&nbsp;

Dexter

Community Team

Forum Discussion

Genie R6200v2 - Botnet Vulnerability on Port 7547

4 Replies