EE Router public ports

Jay302 · ‎02-06-2023

An nmap scan of the public interface assigned to my EE router shows that port 80, 443, and 8085 is open to incomming internet traffic on the public interface.

Whilst I have no concerns for these ports being open for me to manage the router from the internal network 192.168.1.x, these should certainly not be open to the public internet, I can't find a way to disable these open ports and they are not listed as being open in the port forwarding list.

This is really bad practice to have the management page open on the public interface, and opens us up to MitM, DoS, RCE, CSRF, XSS and Brute-force attacks.

I have no issue opening ports if I need support from EE occasionally, but during periods when that is not the case, these ports should be closed on this interface.

Is there an easy way to do this via command line, I cant see any options to close this hole on the management page?

XRaySpeX · ‎02-06-2023

Which router?

If you think I helped please feel free to hit the "Thumbs Up" button below.

To phone EE CS: Dial Freephone +44 800 079 8586 - Option 1 for Mobile Phone & Mobile Broadband or Option 2 for Home Broadband & Home Phone

ISPs: 1999: Freeserve 48K Dial-Up > 2005: Wanadoo 1 Meg BB > 2007: Orange 2 Meg BB > 2008: Orange 8 Meg LLU > 2010: Orange 16 Meg LLU > 2011: Orange 20 Meg WBC > 2014: EE 20 Meg WBC > 2020: EE 40 Meg FTTC > 2022:EE 80 Meg FTTC SoGEA > 2025 EE 150 Meg FTTP