Straitpipe
Nov 14, 2019 Tutor
RAX120 login exposed?
I have checked the router settings for port forwarding / triggering, disabled remote management, etc. However, the router's login prompt is accessible externally using HTTP (not HTTPS though). Using http:...
Killhippie
Nov 23, 2019 Prodigy
Just a thought: what firmware are you using? With remote management turned off you should not be able to log in unless you enable remote management. Have you updated to the latest Hotfix and done a factory reset? With remote management turned on you can define what device/devices can access your router; maybe that would be preferable as a workaround. Also, as mentioned everywhere online, have a complicated password, they really do help.
https://kb.netgear.com/976/Enabling-your-router-s-remote-management
Straitpipe
Nov 23, 2019 Tutor
I have done a factory reset. I did try enabling remote management. Then waiting and disabling similar to a previous defect.
I am using firmware V1.0.1.90.
The default remote management URL for Netgear is https://ipaddress:8443. The URL I am referring to which is exposed is different, hence the original request.
If people are responding with responses like "it's ok to have it exposed" it's like using Amazon... thank you, but please refrain from responding, as exposing administrative interfaces to routers from external network locations is not even close to the same thing as a publicly facing site.
- ArunGupta Nov 23, 2019 Apprentice
I totally understand what you are saying. Just to clarify, are you actually able to log in, or is the router just displaying the username/password screen and would actually reject login attempts? If you are actually able to log in to the router from an external network with remote management turned off, it should be marked as a security bug in firmware.
I cannot test this because I run the router in AP mode which greys out remote management.
- michaelkenward Nov 24, 2019 Guru - Experienced User
Straitpipe wrote:
The default remote management url for Netgear is https://ipaddress:8443.
This is, of course, also the entry point through Remote Management itself, but with the address
https://[username].mynetgear.com:8443
How would someone else find your WAN address from a coffee shop?
Or is it just a random attack thing?
- GabboCH Nov 25, 2019 Apprentice
If you have a fixed WAN address from your ISP it probably isn't difficult for someone to find out your specific IP address.
However, I'd imagine there are lots of tools out there that would just cycle through random IP addresses & look for an active response.
If the router responds to a request for WAN IP & opens a login page then you are wide open to a brute force attack.
Accepted, someone could only modify your router settings & mess up your network but I guess they can also see connected devices, change your password, open ports, enable port forwarding etc.
If the router is set to "Remote Management Disabled" then I, like the OP, would not expect the router to respond at all from outside the local network....
- Killhippie Dec 02, 2019 Prodigy
Have things changed with the new firmware update? 1.0.1.108? As said, if you can actually log in then report this as a security bug ASAP; if you can just see an HTTP login but can't actually log into the router itself, then as much of a pain as it is you are going to have to wait till Netgear decides to use HTTPS. Contact them, as many of us have, and complain.