Welcome to Comcast Help & Support Forums
Find solutions, share knowledge, and get answers from customers and experts

New to the Community? Start here.

5,748,317

members

37

online now

1,906,725

discussions

Back to Top

Router security vulnerability - how to close port 7547 to prevent home network being hacked

ANSWERED
New Poster

Router security vulnerability - how to close port 7547 to prevent home network being hacked

Hi,

I use a security software and receive their bulletins regularly, one of which referred to home routers.

https://www.wordfence.com/blog/2017/04/check-your-router/?utm_source=list&utm_medium=email&utm_campa...

In this article they say how to check for the vulnerability through port 7547 and when I ran the test it came back saying that mine is (the one I got from Comcast).

"Your router has port 7547 open and may be vulnerable. Response: Cisco-CcspCwmpTcpCR/1.0"

How can it upgrade the firmware to the latest available, and separately, how can I close port 7547 to address this vulnerability?

Thanks

Accepted Solution

Re: Router security vulnerability - how to close port 7547 to prevent home network being hacked

I found a way to mitigate for this.  Sorry if this is a bit technical.  If it doesn't make sense, ask a network savvy friend to help you.  In your X1 router, go to Advanced >Port Forwarding, enable it, and add a service for that port that points to a non-existant server IP.  For example, I added one with Common Service: Other, Service Name: wharever but I used "Mitigation", Service type TCP/UDP, server IP 10.0.0.5 (this was an IP I know is not assigned to anything on my network...try pinging an IP before using it), and for IPv6 do the same, and enter a start and end port of 7547. Save it.  Test again and you will see that the port no longer responds (as it is being redirected to a non-existant server which thus can't repond).  Hope that helps!

 

View answer in context
Gold Problem Solver

Re: Router security vulnerability - how to close port 7547 to prevent home network being hacked

If you own the router and it's not part of an all-in-one modem+router gateway device, you'd need to work with the manufacturer to correct the problem.

 

If Comcast owns the router or if it is part of an all-in-one modem+router gateway device, the firmware is under their control and you're stuck waiting for them to fix the problem.

Problem Solver

Re: Router security vulnerability - how to close port 7547 to prevent home network being hacked

Firmware for modems and gateways update on their own. The best chance you might have of being able to do this is to call Comcast Customer Security Assurance which is open M-F at (888) 565-4329 and notify them and see what they do. I can't guarantee what they will do or if they will do anything.
New Poster

Re: Router security vulnerability - how to close port 7547 to prevent home network being hacked

I found a way to mitigate for this.  Sorry if this is a bit technical.  If it doesn't make sense, ask a network savvy friend to help you.  In your X1 router, go to Advanced >Port Forwarding, enable it, and add a service for that port that points to a non-existant server IP.  For example, I added one with Common Service: Other, Service Name: wharever but I used "Mitigation", Service type TCP/UDP, server IP 10.0.0.5 (this was an IP I know is not assigned to anything on my network...try pinging an IP before using it), and for IPv6 do the same, and enter a start and end port of 7547. Save it.  Test again and you will see that the port no longer responds (as it is being redirected to a non-existant server which thus can't repond).  Hope that helps!

 

Problem Solver

Re: Router security vulnerability - how to close port 7547 to prevent home network being hacked

The only downfall I see to that is that IP Address may not be taken at the time but it might get taken by a new device at a point of time since it's pretty much well known that these gateways randomly assign IP Addresses through DHCP instead of just going up the list to the DHCP end Address.
New Poster

Re: Router security vulnerability - how to close port 7547 to prevent home network being hacked

I following this, and the test worked (it failed once I sent 7547 to a bogus ipv4 ipAddr).   I left the ipv6 blank, I was not having any success in find what valid address or range I could put in there.  Ideas on what to put into the ipv6 addr?

 

 

Also, I'm curious as to why blocking 7547 within the managed services (just create a name, assign it to 7547) didnt work.

Service Expert

Re: Router security vulnerability - how to close port 7547 to prevent home network being hacked

I would bet that everyone who ran that test against their router would get the same result; open.

 

Gibson has the same test and it says it is open on my gateway.

 

https://www.grc.com/x/portprobe=7547

 

http://www.speedguide.net/port.php?port=7547




Community Icon
I am not a Comcast employee, I am a paying customer just like you!
I am an XFINITY Forum Expert and I am here to help. For information on the program click here.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark it as an accepted solution!solution Icon
Community Icon
I am not a Comcast employee. I am a paying customer just like you!
I am an XFINITY Forum Expert and I am here to help.
We ask that you post publicly so people with similar questions may benefit.
Was your question answered? Mark it as an accepted solution!solution Icon
Community Icon
I am not a Comcast employee.

Was your question answered?
Mark it as a solution!solution Icon

Gold Problem Solver

Re: Router security vulnerability - how to close port 7547 to prevent home network being hacked


RobertWy wrote: ... I would bet that everyone who ran that test against their router would get the same result; open. ... Gibson has the same test and it says it is open on my gateway. ...

"Everyone"? Are you sure about that? For ALL routers and ALL gateways? Cite?

 

The point of your reply is unclear. It could be interepreted to mean "everyone's vulnerable, don't worry about it", which strikes me as an odd position for one to take, especially for an "expert".

 

Are you really suggesting that customers with vulnerable equipment "not worry about it"?

Regular Visitor

Re: Router security vulnerability - how to close port 7547 to prevent home network being hacked

Thanks sj3vans for this good suggestion to use port forwarding.  Earlier this month I called Comcast several times about their open port 7547.  The last call I spent about 2 hours on the phone and had several of their technical agents tell me that it was impossible 7547 was open because I had no port forwarding enabled at that time - I am a relative newbie with routing, but even I knew that is baloney.  I was eventually transferred to the Comcast Security Dept, was promised they would open a work order on this and have a response within 24-48 hours.  That was 2 weeks ago.  I now realize Comcast will never respond to my request for assistance to close port 7547 and they seem unconcerned that this provides a security risk to their paying customers, in spite of the growing body of evidence this open port is now being targetted. 

Problem Solver

Re: Router security vulnerability - how to close port 7547 to prevent home network being hacked

@stanatjp Did you try calling (888) 565-4329 and check up on that work order?
Regular Visitor

Re: Router security vulnerability - how to close port 7547 to prevent home network being hacked

No I did not call them back again.  I've spent way too much time on the phone with Comcast about this issue.  Unfortunately I am one of the unwashed souls who needs to work for a living to pay my Comcast bill and cannot devote the time to resolve Comcast issues that is needed :-(      The solution posted by sj3vans worked !!!  Thanks !