Page 1 of 1

Port 7547 open on ZTE

Posted: Wed Jan 23, 2019 12:31 pm
by aussierod
Hello, I received the "free" Exetel ZTE modern router yesterday and have been learning about the TR-069 / ACS setting in it.

https://www.youtube.com/watch?v=rz0SNEFZ8h0

My TR-069 is Exetel set to use port 7547. A quick search on that port shows hackers love it.

A test of that port on the router you sent me, shows my port is open.
https://www.grc.com/x/portprobe=7547

My question to you Exetel is, what's the point of ZTE having a "firewall" in this chi-com made product, when hackers would bypass that and use the TR-069 / ACS backdoor?

Is EasyGateway vulnerable?? https://zteacs1.exetel.com.au:9090/

Please tell me here in the public arena that these ZTE modem routers you send out with TR-069 backdoors, are 100% user safe.

Kind Regards,
Rodney

Re: Port 7547 open on ZTE

Posted: Wed Jan 23, 2019 2:03 pm
by aussierod
Still playing around..

http://my-ip-address:7547 is still open to the world .. and it's not even HTTPS!

How do I close 7547 when your tech guys are done setting up my nbn and voip?

Changing url settings in the TR-069 won't close it.

How do I block any other ports in that ZTE?

The ZTE H268A inbuilt "on / off " firewall doesn't allow port blocking. What a joke of a firewall.

I would have bought my own brand of router, but you were going to bill me the $20 "delivery" regardless.

Not happy.

Re: Port 7547 open on ZTE

Posted: Wed Jan 23, 2019 3:54 pm
by KrishanK
We have already discussed this with ZTE - Modem Manufacturer and they officially advised us the product ZTE H268A has been analyzed by them for the security threats and confirmed there is no such known vulnerabilities by keeping the port 7547 open to allow TR-069 protocol.

Having said, though the port 7547 is open in this modem there is no harm for the end user or their network by that as how the TP-069 protocol is configured in the modem and back end server(s).

However the main and only purpose of implementing this protocol in the modem is for us to gain access to the modem, to ease the troubleshooting for the end user. And if you do not require any technical assistance related to the modem from us, you may turn on this protocol in your modem and in order to know the steps of getting this disabled refer the following forum thread attached below;

viewtopic.php?f=329&t=44187&p=324552&hilit#p324072

Re: Port 7547 open on ZTE

Posted: Wed Jan 23, 2019 4:52 pm
by aussierod
Hello,

What is shown in that other thread doesn't actually close port 7547, thus true stealth is impossible.
Might as well turn the one click on/off no settings, "firewall" off.

I just ran AngryIP scanner in my Exetel IP range. Geez, so many others with open ports.
This ZTE is a pile of junk - geewiz, they even disabled the USB port.

If it wasn't for the inbuilt VOIP I'd throw it in the bin.
Bloody stupid making us pay $20 for junk whether we took it or not.

Now I have to spend more on a wifi WAN modem with a decent firewall to stick between me and the chi-com ZTE.

Thanks anyway.

Re: Port 7547 open on ZTE

Posted: Wed Jan 23, 2019 6:24 pm
by KrishanK
aussierod wrote:
Wed Jan 23, 2019 4:52 pm
Hello,

What is shown in that other thread doesn't actually close port 7547, thus true stealth is impossible.
Might as well turn the one click on/off no settings, "firewall" off.

I just ran AngryIP scanner in my Exetel IP range. Geez, so many others with open ports.
This ZTE is a pile of junk - geewiz, they even disabled the USB port.

If it wasn't for the inbuilt VOIP I'd throw it in the bin.
Bloody stupid making us pay $20 for junk whether we took it or not.

Now I have to spend more on a wifi WAN modem with a decent firewall to stick between me and the chi-com ZTE.

Thanks anyway.
We opened a ticket with regards to your concern from our end under the Ticket Reference No: 14174439. You will be receiving an email to the nominated/authorized email address with the option can be given to you regarding the dissatisfaction about the product provided to you.

Re: Port 7547 open on ZTE

Posted: Mon Mar 04, 2019 3:11 pm
by aussierod
No worries, I figured it out myself - I'm now 100% stealth. :mrgreen:

The steps to turn off the ZTE TR-069 are on my blog.
https://rodneystevens.com/tr-069-how-to ... zte-modem/

Re: Port 7547 open on ZTE

Posted: Mon Mar 04, 2019 5:17 pm
by rehanj
aussierod wrote:
Mon Mar 04, 2019 3:11 pm
No worries, I figured it out myself - I'm now 100% stealth. :mrgreen:

The steps to turn off the ZTE TR-069 are on my blog.
https://rodneystevens.com/tr-069-how-to ... zte-modem/
Happy to hear that the issue is resolved, and thanks for your feedback. Let us know if any further assistance is required!