ER605 UDP Port 1900 Open with UPnP Disabled
Have 2.3.0 Build 20250428 Rel.18967 installed on multiple ER605's. They all show UDP Port 1900 being open when the UPnP Service is unchecked/disabled in the web interface.
I was going through a PCI (TSYS credit card compliance) vulnerability scan and it listed UDP1900 (along with 500/4500 IPSec VPN which is being used) as being open. UDP1900 is used with UPnP, but that Service is not Enabled. I checked a few other routers and they report the same thing (used pentest-tools dot com/network-vulnerability-scanning/port-scanner-online-nmap for testing)
I don't know if the port was showing open under 2.2.6, but PCI scans didn't report it in the past.
Anyone else seeing this?
The only service configured on the routers is IPSec VPN. Everything else is not configured/disabled.
ADIT wrote
pentest is an oniline scan tool.
nmap
ER605 settings:
These are managed via the web interface. No controller is connected to the routers.
They say both, open|filtered, as seen in the screenshots.
Don't mosaic everything. Can you show me your WAN from the router and the Nmap IP? Are they the same IP address?
I just hit all my routers with an nmap scan on their public wan IP targeting UDP ports 1-2000
My 2 ER605's running 2.3.0 and my ER8411 running 1.3.2 all only reported UDP 500 open (expected as used for vpns)
The final report generated for each router (udp scan only tdue to time constraints) looked like this
Im not super happy that these ports are open-filtered rather that just full unresponsive, but none of them are reporting udp 1900 as open at all.
All routers are in controller mode