Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

Netgear router software allows for exfil of secret data when system is 'blocked' from access control

Rafius
Initiate
Initiate
‎2022-08-08 10:30 PM
‎2022-08-08 10:30 PM

Netgear router software allows for exfil of secret data when system is 'blocked' from access control

Putting a connected device in 'blocked' mode by using access control still allows for secret data to be exfiltrated out of the device and onto the WAN by using UDP protocol.  Apparently the "blocked" status only applies to TCP.

Message 1 of 2
0 Kudos
Reply
Rafius
Initiate
Initiate
‎2022-08-08 10:41 PM
‎2022-08-08 10:41 PM

Re: Netgear router software allows for exfil of secret data when system is 'blocked' from access con

I've tested this on a NetGear R7000 and a nighthawk AX6.  Devices that stream via UDP can still push to a listener on the internet even though the device is 'blocked' via access control.  Only when i Block a service "UDP -ALL" does UDP get blocked.

Message 2 of 2
0 Kudos
Reply
Top Contributors
See All
Discussion stats
  • 1 reply
  • ‎2022-08-08 10:30 PM
  • 491 views
  • 0 kudos
  • 1 in conversation
Announcements

Orbi WiFi 7