NETGEAR DGN1000 vulnerable
monga opened this issue · 7 comments
I can confirm the vulnerability on this model (Firmware Version V1.1.00.46_ww).
Thank you for your work.
Thank you, I updated the list :)
Do you know if there is any difference between your router and the other DGN1000 mentionned in the readme?
No, I don't, sorry: they are very likely to be the same. I've sent the issue message just to document also the firmware version.
Ok, thank you :)
Has anyone found a alternative firmware that can be applied. DD-WRT? Open WRT & Tomato don't have firmware for this router. I have tried to block the port using exiting firmware without success.
I brought this issue up with netgear support (2014/01/17), and just in the last few days they have released a new firmware version that resolves the port 32764 issue. The new firmware is available on their website (http://downloadcenter.netgear.com/other/)
I've confirmed that the below version works correctly.
http://www.downloads.netgear.com/files/GDC/DGN1000/DGN1000-V1.1.00.49WW.zip
If the original backdoor was a planned 'feature', then its possible that there is a knocking sequence required to unlock port 32764 (that is, port 32764 opens after trying port 5000, then 8000 before 32764 as an example).
I'll have a look, thank you :)
Oh god :')
Expect some lolz in the next few days :)