× Introducing the Orbi 970 Series Mesh System with WiFi 7 technology. For more information visit the NETGEAR Press Room.

Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

RAX43 - AX4200 WAN port 80 exposed

SCAREY29
Follower
Follower
‎2021-09-14 12:36 AM
‎2021-09-14 12:36 AM

RAX43 - AX4200 WAN port 80 exposed

Hi,

I have been looking into the security of my router, 

I have found that port 80 is exposed over the WAN and returns the router login page... 

Any help on which setting is exposing port 80 would be great!!

 

I checked the phone app settings as I have read on a few boards that this can expose the anywhere connect. I have this disabled.

when checking all of the settings in the web UI, I have disabled Readyshare and have web service management only on https. 

 

I have attached to another network outside of my LAN and scanned the ports and 80 is still available..... 

To get around having port 80 expose my router login page I have a port forwaring rule to send it to a dead IP. 

 

Settings checked web UI 

Advanced > Advanced Setup > Web Services Management > 

Advanced > USB Functions  > ReadyShare Storage > everything disbaled

Settings in Phone App 

Settings > Anywhere Access > Disabled

 

Testing from external network to my WAN IP 

Without Port forwarding - Router login page is available 

 

PORT STATE SERVICE VERSION
80/tcp open http
| fingerprint-strings:
| GetRequest, NULL:
| HTTP/1.0 200 OK
| Content-length: 697
| Content-type: text/html; charset="UTF-8"
| x-frame-options: SAMEORIGIN
| Cache-Control:private, no-cache, no-store, must-revalidate
| Pragma:no-cache
| <html><head>
| <META name="description" content="RAX43">
| <META http-equiv="Content-Type" content="text/html; charset=utf-8">
| <META http-equiv="Content-Style-Type" content="text/css">
| <META http-equiv="Pragma" content="no-cache">
| <META HTTP-equiv="Cache-Control" content="no-cache">
| <META HTTP-EQUIV="Expires" CONTENT="Mon, 06 Jan 1990 00:00:01 GMT">
| <title>NETGEAR Router RAX43</title>
| <script language="javascript" type="text/javascript">
| function loadnext() {top.location.href="http://www.routerlogin.net/index.htm"; }
| function loadnext() {top.location.href="https://www.routerlogin.net/index.htm"; }</script></head>
|_ <body bgcolor="#ffffff" onload="loadnext()"> </body></html>
|_http-title: NETGEAR Router RAX43
|_http-favicon: Unknown favicon MD5: 210136E7153E18A516E999D35C9D6D10
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS

 

With Port forwarding - no return

 

PORT STATE SERVICE VERSION
80/tcp filtered http

 

 

 

Firmware Version V1.0.2.82_2.0.50

Model: RAX40|Nighthawk AX4 4-Stream WiFi Router
Message 1 of 1
0 Kudos
Reply
Discussion stats
  • 0 replies
  • ‎2021-09-14 12:36 AM
  • 559 views
  • 0 kudos
  • 1 in conversation
Announcements

Orbi WiFi 7