- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: RAX80 admin accessible from public IP??
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
RAX80 admin accessible from public IP??
I use a domain name to access servers and VMs behind my Router (RAX80). I do NOT allow remote management.
Turns out that, for who knows how long, the default response from port 80 appears to be the admin login window to the Router admin console... I had to manually set up a port 80 forward to an IP that doesn't exist in my LAN.
Is this expected behavior? This sounds like a major security concern, trusting the Firmware of a router to the public domain...
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX80 admin accessible from public IP??
Hi idlacrosseplaye,
I'll forward this to our product teams for further review. I'll be sure to reach out if further information is needed. In the meantime, may you let me know what firmware version the RAX80 is currently on.
Regards,
Christian
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX80 admin accessible from public IP??
It is now on 1.0.3.98_1.0.46
I was on 1.0.3.88_xxxxxxx if I recall.
I always test pilot your firmwares 😉
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX80 admin accessible from public IP??
idlacrosseplaye,
Thanks for confirming. May you check to see if you're able to replicate the experience while on firmware v1.0.3.98_1.0.46.
Thanks,
Christian
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX80 admin accessible from public IP??
@idlacrosseplaye I attempted to recreate the behavior you are describing. Please ensure that you try from another network. It seems to me that the router (knowing your public IP) does not actually direct the traffic outside of the network, but rather consumes it at the router if it does not have a directive to route it to another internal IP. Odd behavior to be certain, but not the security threat that it first appears to be. If you do manage to access it from an outside network, then this is certainly a major security flaw.
• Introducing NETGEAR WiFi 7 Orbi 770 Series and Nighthawk RS300
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more