Port 7547 Details
known port assignments and vulnerabilities
threat/application/port search:
Port(s) |
Protocol |
Service |
Details |
Source |
7547 |
tcp |
tr069 |
CPE WAN Management Protocol Technical Report 069 uses port 7547 (TCP/UDP).
Port associated with TR-069 - application layer protocol for remote management of end-user devices. It is a bidirectional SOAP/HTTP-based protocol that provides communication between CPE devices and auto-configuration servers (ACS). It can be used by some modems, gateways, routers, VoIP phones, set-top boxes. TR-069 has some known exploits as demonstrated at the DEFCON22 conference.
If your NAT router/gateway keeps this port open and you are sure you want to filter it (potential interference with ISPs pushing firmware updates), try the following. Navigate to your router's admin interface and disable TR-069. If that does not work, look under "port forwarding", or "virtual servers", and forward the port to an unused local IP address, like (192.168.1.252)
The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password (which defaults to the Wi-Fi password), and using the NewNTPServer feature.
References: [CVE-2016-10372], [XFDB-126658]
IANA registered for: Broadband Forum CWMP (TCP/UDP) |
SG
|
7547 |
tcp,udp |
cwmp |
DSL Forum CWMP, registered 2006-01 |
IANA
|
|
2 records found
Related ports: 30005
|