ASUS RT-AX86U, constantly broadcasts on UDP port 9999

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Batnun

Occasional Visitor
Hi,

After setting up Suricata on my firewall, I can see several entries from my ASUS RT-AX86U (configured as AP).

Suricata identify that as some kind of vulnerability, which I assume is already fixed, but is there a way to disable
This service on the ASUS?

It seems like some proprietary routers discovery protocol, which I guess I don't need since I have only one device...
 

RMerlin

Asuswrt-Merlin dev
Disable what service actually? Nothing uses that port.
 

Batnun

Occasional Visitor
According to the logs, my ASUS RT-AX86U (10.10.10.20) itself initiates this broadcast, so I guess the router is trying to discover other ASUS routers, maybe for AiMesh?

Latest firmware version installed - 386.2

Screenshot_2.png
 

ColinTaylor

Part of the Furniture
Actually it's Asus' infosvr, you can't disable it. Seems to be used for network printing support. There was an exploit of it that was fixed many years ago which is probably why it's being flagged.
 
Last edited:

ColinTaylor

Part of the Furniture
Yes, that's it. This was all fixed back in 2015. It's hardly surprising RMerlin can't remember it from so long ago. Even though he's listed as one of the people that fixed it. :D
 

RMerlin

Asuswrt-Merlin dev
This is a system service which is not exposed to the Internet, and is required for the router to function properly, so it can't be disabled.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top