Netis Router

0 views
Skip to first unread message

Neomi Schlensker

unread,
Jan 10, 2024, 5:12:14 AM1/10/24
to milnapepda

As a first trouble shooting step as you can't access the DHCP settings until connected, try assigning your Ethernet adapter a static IP address in the 192.168.1.1xx range, or the 192.168.1.xx range and see if you can access the router page then.

Start configuring without the PPPoE cable, but just the laptop connected to a LAN port on the router, although it should not actually matter. You can also try powering the router off and then on again, or even doing a factory reset. ipconfig should show a 192.168 address. If not, you can try manually "ipconfig/release" then "ipconfig/renew".

I am using a netis WF2419E router. My server computer is on 192.168.1.4 and I have set up virtual servers in the router to forward external port 80-80 to internal port 80-80 for IP address 192.168.1.4 (all protocols).

Okay, so I had to edit the /etc/dhcpcd.conf file in my server and change the line static routers=192.168.0.1 to static routers=192.168.1.1. I think it was auto configured with my old router (which was at 192.168.0.1) and that's why it wasn't working with the new one (which is at 192.168.1.1). Problem fixed!

Hello, my friend's router, which is Netis WF2411, is not loading some sites, we tried directly with the ethernet cable and everything worked fine, but going through the router on wifi doesn't load some websites. Changing some settings ('Protection' to false, what ever that is) makes the sites work for a couple of seconds. We assume it only lets through HTTPS connections, since most sites that didn't work were HTTP. He can connect to Steam but can't download anything.

The Netcore and Netis routers have an open UDP port, 53413, which can be queried since the routers have an externally accessible IP address, Yeh wrote. Trend Micro scanned the Internet and found more than 2 million IP addresses with the open UDP port, which could indicate vulnerable equipment.

As explained in the blog post published by Tim Yeh, Threat Researcher at Trend Micro, bad actors could exploit the backdoor to bypass router security and to run malicious code on device or change settings.

Experts at Trend Micro also discovered that a configuration file containing the credentials for the web-based administration panel on the router is stored in clear text and for accessible to attackers.

[ Also on InfoWorld: Teach your router new tricks with DD-WRT or OpenWrt. Get expert networking how-to advice from InfoWorld's Networking Deep Dive PDF special report and Technology: Networking newsletter. ]

Trend found a "backdoor," or a semi-secret way to access the device, Yeh wrote. The password needed to open up the backdoor is hardcoded into the device's firmware. All of the routers appear to have the same password.

By using the backdoor, an attacker could upload or download files to the device. A router's settings could also be changed to allow a hacker to monitor a person's Internet traffic as part of a man-in-the-middle attack, Yeh wrote.

It doesn't appear that most Netcore and Netis routers support the installation of other open-source firmware packages, such as dd-wrt or Tomato, that could be used to replace the vulnerable software, Yeh wrote.

35fe9a5643
Reply all
Reply to author
Forward
0 new messages