TD-W8980 port 7547 TCP open by default

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

TD-W8980 port 7547 TCP open by default

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
TD-W8980 port 7547 TCP open by default
TD-W8980 port 7547 TCP open by default
2013-02-18 09:19:35
Region : UnitedKingdom

Model : TD-W8968

Hardware Version : V1

Firmware Version : 0.6.0 0.5 v000e.0 Build 121225 Rel.42874n

ISP :


Hi Guys

Just checked and port 7547 which is used for CWMP is open by default even if the settings are showing disabled.
Try http://"external IP address":7547

Is that an issue with the firmware?

Cheers
  0      
  0      
#1
Options
7 Reply
Re:TD-W8980 port 7547 TCP open by default
2013-02-19 09:42:33
Will that be fixed in the next firmware?
  0  
  0  
#2
Options
Re:TD-W8980 port 7547 TCP open by default
2013-03-02 19:11:06
I am seeing the same behaviour on my TD-W8980...

It's far from ideal, in terms of security disabling a service is supposed to do exactly that... Even if the CWMP service is not responding to requests it could still contain a vulnerability that could be exploited by a hacker to gain access the router and subsequently your internal network!

Fingers crossed this is resolved in a new firmware version!
  0  
  0  
#3
Options
Re:TD-W8980 port 7547 TCP open by default
2013-03-04 17:36:39
i don't think so, many network devices (Modem, router) have some enabled ports by default, i think no need to worry it at all
  0  
  0  
#4
Options
Re:TD-W8980 port 7547 TCP open by default
2013-03-05 05:49:12
TP-LINK TD-W8970 also has this bug.
The CWMP service port, is always open, even when the service is closed.

peter wrote

i don't think so, many network devices (Modem, router) have some enabled ports by default, i think no need to worry it at all


I don't agree with you, only buggy network devices have open WAN ports.
In TP-LINK web configuration page, there are 3 options to OPEN WAN ports, "Virtual Server", "Port Trigger" and if you "enable a router service in the WAN" (FTP server, web interface, etc.).
They provide the means to control if and what ports are open, by default all ports should be stealth.

The CWMP service port, should never be open when the service is closed.
This is a BUG, if they have this bug, it is expected that they have more bugs, not the other way.
Maybe the service is running and replying at that port, we don't know.
It is disable in web configuration, but it is running and was never configured ? = anything can happen here, whats the default password? did you configured it?
Also, having this port open, it's an indication that there is this tp-link router model in this ip, where nothing should be detected.
See the tip of the iceberg here: http://en.wikipedia.org/wiki/Port_scanner

I really hope they fix this bug.


-EDIT-1-
@TP-LINK:
The service is running, anyone can connect and login to this service at our router.
As STEF (the OP posted), to test goto your browser and do: http://router_wan_ip:7547/tr069
I'm speechless, the router is open in the WAN :(

Please fix this huge bug.

-EDIT-2-
@all:
Goto router CWMP web config page and change the default user/password/port to random values.
It's important to change the default values, so that attackers can not connect using the default known values.
Also google what can be done with CWMP :(

Let's hope TP-LINK fixes this huge bug fast.
  0  
  0  
#5
Options
Re:TD-W8980 port 7547 TCP open by default
2013-04-25 01:29:04
Firmware TD-W8970_V1_130415 fixes the W8970 open port problem.

Thanks TP-LINK !
  0  
  0  
#6
Options
Re:TD-W8980 port 7547 TCP open by default
2013-04-29 16:52:53
Using the latest firmware for the W8980:

Basic Status

Device Information

Firmware Version:0.6.0 0.6 v000e.0 Build 130304 Rel.38108n

Hardware Version:TD-W8980 v1 00000000

And this bug still exists!


PORT STATE SERVICE

7547/tcp open unknown

Please patch this, TP-LINK.
  0  
  0  
#7
Options
Port 7547 open on TD-8840T
2014-06-30 15:52:24
Model No. TD-8840T
Firmware Version:0.8.0 2.2 v0007.0 Build 140418 Rel.42874n
Hardware Version:TD-8840T v4 00000000

I just bought the TD-8840T today, and am less than satisfied with the security. (even after updating the firmware to the latest version)

Most of all, Port 7547 was open and took a fair bit of work to close it. I did this by changing the port for CWMP to another port, and then port fowarding 7547 to an unused internal address.

Additionally, Port 80 was open to WAN by default also - and no settings allowed me to change it. That is just insane. I ended up forwarding port 80 to an unused internal address.

All of the ports show as 'closed' when doing a shields-up test - and they should show as 'stealth'.

Other precautions:
Changed all default usernames and passwords including the WAN Mgt ones on the CWMP page.
[*]Port forwarded all ports 1-65535 to the nul internal address. (now all non-solicited queries from WAN go to a null address. All other functions work OK.)
[*]turned off UPnP and other services not required.


Basically I cannot trust this device and will replace it this weekend.
  0  
  0  
#8
Options