× Introducing the Orbi 970 Series Mesh System with WiFi 7 technology. For more information visit the NETGEAR Press Room.
Orbi WiFi 7 RBE973
Reply

Re: RAX80 admin accessible from public IP??

RAX80 admin accessible from public IP??

I use a domain name to access servers and VMs behind my Router (RAX80). I do NOT allow remote management.

 

Turns out that, for who knows how long, the default response from port 80 appears to be the admin login window to the Router admin console... I had to manually set up a port 80 forward to an IP that doesn't exist in my LAN.

 

Is this expected behavior? This sounds like a major security concern, trusting the Firmware of a router to the public domain...

Model: RAX80|Nighthawk AX8 8-Stream WiFi Router
Message 1 of 5
Christian_R
NETGEAR Employee Retired

Re: RAX80 admin accessible from public IP??

Hi idlacrosseplaye, 

 

I'll forward this to our product teams for further review. I'll be sure to reach out if further information is needed. In the meantime, may you let me know what firmware version the RAX80 is currently on. 

 

Regards,

Christian 

Message 2 of 5

Re: RAX80 admin accessible from public IP??

It is now on 1.0.3.98_1.0.46

 

I was on 1.0.3.88_xxxxxxx if I recall.

 

I always test pilot your firmwares 😉

Message 3 of 5
Christian_R
NETGEAR Employee Retired

Re: RAX80 admin accessible from public IP??

idlacrosseplaye, 

 

Thanks for confirming. May you check to see if you're able to replicate the experience while on firmware v1.0.3.98_1.0.46.

 

Thanks,

Christian 

Message 4 of 5
Lp3
Aspirant
Aspirant

Re: RAX80 admin accessible from public IP??

@idlacrosseplaye I attempted to recreate the behavior you are describing. Please ensure that you try from another network. It seems to me that the router (knowing your public IP) does not actually direct the traffic outside of the network, but rather consumes it at the router if it does not have a directive to route it to another internal IP. Odd behavior to be certain, but not the security threat that it first appears to be. If you do manage to access it from an outside network, then this is certainly a major security flaw.

Model: RAX80|Nighthawk AX8 8-Stream WiFi Router
Message 5 of 5
Top Contributors
Discussion stats
  • 4 replies
  • 1027 views
  • 0 kudos
  • 3 in conversation
Announcements

Orbi WiFi 7