Backdoor in Linksys and Netgear routers 2015

This news could hurt the reputation of both companies. A passionate (and obviously very competent) reverse-engineer from France, Eloi Vanderbeken forgot the admin interface password of his router and so he just wanted to have fun accessing the administration side and that’s when he discovered a backdoor in his Linksys WAG200G router. After publishing this discovery on Github, other users have confirmed its existence in at least three other routers:

• Netgear DM111Pv2
• Linksys WAG320N
• Linksys WAG54G2

Other routers are suspected of providing equal opportunity to obtain the administrator password through the 32764 port, but it has not yet been confirmed:

• Netgear DG934
• Netgear DG834
• Netgear WPNT834
• Netgear DG834G
• Netgear WG602
• Netgear WGR614
• Netgear DGN2000
• Linksys WAG120N
• Linksys WAG160N
• Linksys WRVS4400N

The backdoor listens for communications sent to port 32764 specifically and answers a series of 13 numbered commands that can be ordered by sending a specific message. It is therefore possible to obtain the complete remote configuration of the router, the administrator password or even restore default settings.

thanks for visiting our site please leave a comment.