Router R6200v2 - V1.0.3.10_10.1.10 Remote Management

Netgear Router R6200v2 - Firmware v1.0.3.10_10.1.10

 

I may have discovered a possible vulnerability with the above firmware.
I typed in the external IP address of my router and was prompted to log in.

I used my password and lo-and-behold, I could access my router settings.

I checked the settings and this option is NOT checked off, and selecting it and deselecting it didn't change anything either.

 

For the past several months, I've been running a log and been noticing foreign IP addresses attempting to access my network, and I know it could only be a matter of time before they try cracking my password and gaining access to more than I want.

 

Has anybody else noticed this, and is there a patch/setting/fix I could implement?

 

P-C

Message 1 of 3
Retired_Member
Not applicable

Re: Router R6200v2 - V1.0.3.10_10.1.10 Remote Management

Select only this PC and use your IP and change last digit and test

Message 2 of 3
Aspirant

Re: Router R6200v2 - V1.0.3.10_10.1.10 Remote Management

You stated you typed in the WAN side IP for your router and were allowed to access the GUI, however I suspect you did so from within your LAN. Try using a computer not located on the LAN of the router but outside on the WAN. Then try typing in the IP and I bet you get a different response, or should say no response, as is the intended solution. All IPs on the public IP space are scanned hundreds of thousands of times each day by malicious and benign systems, so I doubt you're targeted unless you're a sys admin or in the defense field; they have bigger targets to hit.

Basically the firewall sees your traffic on the protected side of the wall, or I should say the ruleset reads: allow LAN -> all, disallow WAN -> all, so the firewall tags your request as allowed to go anywhere, including the GUI, despite its IP address being in the WAN space. But traffic coming in on WAN and asking for the same IP is disallowed.

Message 3 of 3
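
The ruleset described in the last reply, as an added example that is not part of the original thread and is not Netgear's firmware code: a simplified model in which the verdict depends on the interface a packet arrives on rather than on the destination address. The interface names, the addresses, GUI port 80 and the shape of the remote-management rule are assumptions made for illustration.

```python
# Simplified model (assumption) of the ruleset described in the last reply:
# the decision is keyed on the interface a packet ARRIVES on, not on the
# destination address it asks for.
from dataclasses import dataclass
from ipaddress import ip_address

# Constructed sample values, not taken from the thread.
WAN_IP = ip_address("203.0.113.10")   # router's public address (TEST-NET-3)
GUI_PORT = 80                          # assumed admin GUI port

@dataclass(frozen=True)
class Packet:
    in_iface: str   # "lan" or "wan": where the packet entered the router
    src: str
    dst: str
    dport: int

def build_rules(remote_management: bool):
    """First match wins. Each rule is (name, predicate, verdict)."""
    rules = []
    if remote_management:
        # Only an explicit remote-management rule opens the GUI to the WAN.
        rules.append(("wan -> gui (remote mgmt)",
                      lambda p: p.in_iface == "wan"
                      and ip_address(p.dst) == WAN_IP
                      and p.dport == GUI_PORT,
                      "ACCEPT"))
    rules.append(("lan -> all", lambda p: p.in_iface == "lan", "ACCEPT"))
    rules.append(("wan -> all", lambda p: p.in_iface == "wan", "DROP"))
    return rules

def evaluate(packet: Packet, remote_management: bool = False):
    """Return (verdict, matching rule name) for a packet sent to the router."""
    for name, matches, verdict in build_rules(remote_management):
        if matches(packet):
            return verdict, name
    return "DROP", "default"

if __name__ == "__main__":
    # Same destination (the WAN IP), different ingress interface.
    inside = Packet("lan", "192.168.1.50", str(WAN_IP), GUI_PORT)
    outside = Packet("wan", "198.51.100.7", str(WAN_IP), GUI_PORT)
    for label, pkt in (("from LAN", inside), ("from WAN", outside)):
        for rm in (False, True):
            print(label, "remote_mgmt =", rm, "->", evaluate(pkt, rm))
```

With remote management off, the same request to the WAN address is accepted when it enters on the LAN side and dropped when it enters on the WAN side, which is why a test from inside the LAN says nothing about outside exposure.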