cancel
Showing results for 
Search instead for 
Did you mean: 

Router Security risk

Aardmann
Newbie
Posts: 1
Registered: ‎02-03-2024

Router Security risk

I have just discovered a serious security risk in relation to Plusnet Hub Two routers. Using tour public Ip address you can browse to your router. Normal routers prompt with a password, however Plusnet ones provide information about all your devices sitting on 2.4, 5 Ghz and wired. Not only that but it reveals the hostname, internal IP and MAC address of attached devices. Test your router by obtaining your public IP using whatismyip.com and then browsing to the IP provided.
Tags (2)
3 REPLIES 3
IMM
Rising Star
Posts: 64
Thanks: 13
Fixes: 1
Registered: ‎11-12-2023

Re: Router Security risk

Is that just from inside your network?

Do you get the same effect from outside your network – eg on a phone using mobile data not Wifi?

jab1
Legend
Posts: 19,265
Thanks: 6,325
Fixes: 290
Registered: ‎24-02-2012

Re: Router Security risk

As whatsmyip is doing exactly what its name implies - no one else will get your IP - they will get their own, so no risk.

John
MisterW
Superuser
Superuser
Posts: 16,327
Thanks: 6,263
Fixes: 448
Registered: ‎30-07-2007

Re: Router Security risk

Is that just from inside your network?

Yes, @IMM is correct. The router GUI is only accessible when connected to the local network. The fact that it works using the public IP (as well as the local one) is due to  NAT loopback i.e the router recognises the outgoing address is its own public IP and 'loops' the connection back without actually going to the internet.

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.