Admin User being automatically added to VPN PPTP Setup
Hi Folks,
I have been using the AX6000 Router for about 6 months now and on the whole, am getting on with it really well. It's a well received replacement for the Netgear routers and their associated MESH network which was rubbish in comparison. This thing is just rock solid.
However, I have noticed a possible security risk recently which caused me to disable VPN on the router. Which I was using to grant access to my Kids Laptops so they could become part of our "household network".
I've recently noticed that, when I click the PPTP VPN link under VPN on the Router home page, there is always a new user added with the username "ADMIN" and the password "ADMIN". I routinely delete this but then, within 24 hours, the same username and password has re-appeared. Now, for security sake, I have already disabled VPN just to be sure that no one can use it.
What concerned me more was that a few weeks back (before I had disabled the VPN option on the router) the "VPN Connections" option showed that the above username and password was "in use" and was being used by an IP address that started 41.16.xx.xx. Tracing this with "WHEREISMYIP", no surprises for finding that this was somewhere within the Russian Federation....
I immediately logged the IP address to the an online reporting / blocking tool and from that point onwards, disabled VPN.
Has anyone else noticed this happening on their routers with / without VPN being setup please? Why does the ADMIN username appear to get added to my routers setup. For note, I have already changed my password.
Thanks folks,
Mark