Port 32764…Are you listening?

What started out as a problem with one router is turning into a much larger problem.  It started with the Linksys WAG200G, but now more impacted routers are being discovered.  The problem is there is a vulnerability that someone can use to gain access and control of your router.  This is not an urban legend or fake exploit.  Read here for more info.

The good news is that the problem is easy to identify and fix.

1. Find out your router’s public/external (WAN) IP address by going to a website that tells you your IP address.

2. Navigate to your external IP address on port 32764 in your web browser. That is, type in your IP address in the location field of your browser, followed by a colon, followed by the number 32764. It should look something like this: http://192.0.2.53:32764

3. If nothing happens and you eventually get a “connection has timed out” or “the server is taking too long to respond” error message, your router is probably not affected. If you get anything but an error message, or a mostly blank page with the text MMcSÿÿÿÿ on it then your router is probably affected.

4. If your router is affected, all you need to do is create a rule in your router’s firewall to block port 32764.

This entry was posted in News, Scanning Services, Security Awareness. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *