In a period of time where the NSA has been accused of intercepting data from PCs and online networks, there's now a newly discovered flaw in many routers that could allow people to remotely access the hardware to gain admin access, among other things.
The Netgear DGN2000 is one of the routers found to be listening in on the port 32764.
A few days ago, a known hacker named Eloi Vanderbeken posted up a note on GitHub. He wrote about his discovery that his Linksys WAG200G wireless DSL gateway was listening on the undocumented TCP port 32764. He later found that the port was open on a number of other routers from Linksys, Netgear, Cisco and others. While some of these products have the port open just on their local network, several of them are exposed when connected to the Internet.
So why do so many of these routers have this previously unknown port? It's not currently known, but the GHacks.net website offers up several ways to find out if a home or work router has this undocumented port active.
If the port is found, the site has a number of recommendations to close this vulnerability. They include adding a rule to the router's firewall to block the 32764 port or downloading an open source firmware for the hardware. Of course, the easiest thing to do is simply replace the router with one that is not listening in on the port.
44 Comments - Add comment