Security Issue In New Airtel Router ZYXEL (Gateway ).

  • Thread starter Thread starter mrps786
  • Start date Start date
  • Replies Replies 25
  • Views Views 9,430
mrps786

mrps786

Messages
25
Location
272001
ISP
Airtel Fiber
Warning : Whoever owns this ZyXEL Change Your Default Password From username and password both being admin for it is a security concern.

Model Name:PMG5617-R20B
MAC Address:xxxxxx - Removed Due To Privacy Concern
Firmware Version:V100ACCU0b5_20220715
Serial Number:xxxxxx - Removed Due To Privacy Concerns
GPON Serial Number:ZYXExxxx9 -- Removed Due To Privacy Concerns
I Got Airtel Fiber Installed On 9th September 2022. I got a router by the brand name ZYXEL which is one of airtel's new fiber modem/router being installed. There is no problem with the internet connection. It works great and as expected but today I discovered a serious flaw in the implementation of it. With access to the public ip one can get into the routers interface very easily and moreover the default gateway username and password both being admin. So anyone with access to my public ip or anyone else with the same router one can get into the web interface of the router which is a serious vulnerability. With Both Ports 80 and 443 open to the web. This is a serious security issue.

I have attached the model number and other details along with a photo of the router and the video recording demonstrating the process. I hope you to look into this issue and patch it with an update soon.

I sent an email to airtel on 11th September 2022 - At 121@airtel.com, net@airtel.com and dm at twitter at airtelpresence but no reply from two days.
Also Both Port 80 and 443 are reserved by default for router even with DMZ and reverse proxy with nginx proxy you cannot host easily ( there are other ways to do so but that becomes too hard and complicated for me however there are experts who can do it not that it is impossible) as with other airtel routers like my Nokia at home it was easy to do so with only one port 443 open and reverse proxy I could host services easily that too with ssl/https. But now I had to open port for each service separatly which is not a good practice in my opinion and i am not comfertable with tunnels of any sort and there are also limitations to it too.

I also wanted to replicate it with my raspberry pi 4 here but ran down this roadblock and fast forward to today i cannot even port forward even one port seems like i have been blocked from Airtel's end I think i have shot myself in leg by reporting this issue.

What should i do for this issue should i demand for change of router or anything else there are many experts on this forums please give your input /advice regarding this issue. Sharing My Link But Will Cut The Part Where My Modem Details Are Mentioned.

The Photo - Router of router and video which show the process i got into router Video in this video i type longer password because i have chaged my password to something secure.
 
This is happening with Airtel provided Huawei HG8145V5 router too
 
This is a general comment. Every router has a default username password which is generally printed on backside because after factory reset you need default access to modify settings. ISP may or may not change it at their discretion.
Some routers deep inside have an option to block Ping, Telnet, HTTP & HTTPS access. You need to explore and figure out if yours has it or not. If it has just enable/disable such options and then router as part of security measure won't even respond to Ping.
And to test it, make sure you are on another Internet, say your mobile internet. accessing from within same network may not give correct results.
However I leave this as general comment because I don't have that model so I do not know what settings are there and what is not available.
 
Last edited:
Just check if your firewall is enabled. Set it to medium or high. That blocks pings and access from the WAN.
 
Chip said:
Just check if your firewall is enabled. Set it to medium or high. That blocks pings and access from the WAN.
Click to expand...
This Router Is Only Showing Option Such As Firewall On Or Off my Nokia router did have low /medium/high option as you mentioned and even when firewall is off then too port forward is not working.
VIGXXPkO
 

rohitks said:
This is a general comment. Every router has a default username password which is generally printed on backside because after factory reset you need default access to modify settings. ISP may or may not change it at their discretion.
Some routers deep inside have an option to block Ping, Telnet, HTTP & HTTPS access. You need to explore and figure out if yours has it or not. If it has just enable/disable such options and then router as part of security measure won't even respond to Ping.
And to test it, make sure you are on another Internet, say your mobile internet. accessing from within same network may not give correct results.
However I leave this as general comment because I don't have that model so I do not know what settings are there and what is not available.
Click to expand...
Thank you for trying to help me out but this router has reserved both port 80 an 443 As mentioned by you to look deep down into the settings but this ZyXEL has very limited settings unlike other routers provided by Airtel and it is not even letting me port forward and is showing this error message as rule conflict MGMT. I have tried it with my mobile data on my phone but it is not working not only 443 or 80 other ports are also not opening. I am sharing the photo if there is anything else you can tell me that will solve this issue or anyone else in this forum i am willing to give it a try.
0PzmXpWm
 
It's very likely that you can access port 80 on <PUBLIC IP> from your router's LAN but not from other networks, by default. You should first check if you can access the same page from a different network.
 
I got a message from the moderation team at IBF this is my first time on a forum Please educate me on what wrong thing did i do on this post while posting or commenting or writing I do not want to get banned i am a regular reader of this forum. I read the rules but did not understand anything please simplify it for me in laymen terms of what things not to do. Help Me Out Here.
 
Without seeing your full setup I can just make a guesswork.

Somewhere you have remote management settings deep inside the options, where 443 is already used. Check if you can access those settings and change it there to something else.

Generally Airtel blocks 80 & 443 at least at my end, they are blocked.

For other ports, for port forwarding to work, following must happen
1. ISP does not block the port
2. Firewall in router is relaxed
3. Correct port forwarding rule setup
4. Firewall on destination is relaxed
5. You have a proper service listening on that port & active on destination

On your windows pc enable remote desktop and that will run terminal client on TCP 3389, now disable firewalls in both windows and router (for the time being) and create port forwarding for TCP 3389. Go to yougetsignal.com and test it out.
 
@mrps786 let me make it easy for you - please do not quote in an active thread i.e. one that has active ongoing discussions such as this one. It's one of the main reasons people get penalty points and should that continue it results in a ban. Familiarise yourself with the rules please. I also have the distinction of earning penalty points after signing up and was probably close to getting banned in the past. LOL! 😀

PS - why in the world did you have your Nokia changed? All you had to do was put it into bridge mode (via Airtel) and then use a powerful router of your own for better coverage. Trust me, the Nokia is very stable ( I have two - one from Airtel and one TPBB) and I refused to change it even when upgrading to 1 Gig where Airtel replaces it with another brand of router Sercomm or something.
 
Last edited:
@Sleet0635 and @Chip first of all thank you for correcting my mistake I will never repeat this mistake again It took me a while to understand it 😄. Secondly @Chip I did not get my router replaced it . It is what i got in the first place this is my second connection i have airtel connection with a Nokia router at home. Which is very good agree with you on that. This is what we are getting these days. ZyXEL.
WhRUvcQH
 
It's very likely that you can access port 80 on <PUBLIC IP> from your router's LAN but not from other networks....
@wheatbread it was happening before might by due to nat loopback but i was able to port forward all ports except 80 and 443 but after i mailed airtel i cannot even port forward even a single port even with DMZ enabled and firewall turned off.
 
ok simple question - why do you have 2 connections from the same provider? If the 2nd one is a backup isn't it better to use another ISP? My primary line is airtel and backup is Tata Play.
 

Similar threads

S
Airtel Xstream Static IP to host websites
Replies
3
Views
995
utkarshy
F
Port 80 and 443 are blocked on Airtel Fiber with Static IP
Replies
2
Views
848
shrenik
uniquePerson
Closing prepaid Airtel broadband connection. Router needs to be returned?
Replies
7
Views
1,646
Zexen
sk7411
Help Needed: Bridge Mode Configuration on Nokia Router with Airtel
Replies
3
Views
759
Stranger75
Top