Maybe you are using a router of the Chinese company Netcore, which is also known as Netis outside the china and if yes you are using the same router device that I am talking about, so beware from now, as your network can be hacked by an attacker any time.
Router manufactured by the company named Netcore or Netis has a backdoor that can easily run arbitrary code on these routers, rendering it vulnerable as a security device.
According to the Trend Micro, after successfully gaining access inside the router, an attacker can easily run malicious code on routers and change settings.
If we talk more about the company speciality, so it is the best known company that is providing the best wireless transfer speed up to 300Mbps, offering a better performance on online gaming, video streaming, and VoIP phone calling.
In simple words, the vulnerability in the router is an open UDP port listening at port 53413 in the router. This port is accessible from the WAN side of the router. This means that if the router in question has an externally accessible IP address (i.e., almost all residential and SMB users), an attacker from anywhere on the Internet can access this backdoor:
Upon further more research on this issue, Trend Micro found that This backdoor is “protected” by a single, hardcoded password located in the router’s firmware, which is remain same for all the routers and the scary thing is— users cannot modify or disable this backdoor.
So, how funny security is that guys, you are gone, if you are using these routers.
With the help of using Zmap, Trend Micro found two million IP addresses with the open UDP port, and most of the cases are from China and rest are from other countries too.
One more Vulnerability in the Routers:
It is also found by the Trend Micro researchers that along with the backdoor vulnerability, one more found which allows to see user name and password for the router’s normal because web-based administration panel is stored without any encryption.
How to check for your Router?
If you want a free check for your Router—Is this vulnerable or no, so you can check for that HERE.
