ASUS RT-AX86U, constantly broadcasts on UDP port 9999

Batnun

Occasional Visitor
Hi,

After setting up Suricata on my firewall, I can see several entries from my ASUS RT-AX86U (configured as AP).

Suricata identify that as some kind of vulnerability, which I assume is already fixed, but is there a way to disable
This service on the ASUS?

It seems like some proprietary routers discovery protocol, which I guess I don't need since I have only one device...
 

RMerlin

Asuswrt-Merlin dev
Disable what service actually? Nothing uses that port.
 

Batnun

Occasional Visitor
According to the logs, my ASUS RT-AX86U (10.10.10.20) itself initiates this broadcast, so I guess the router is trying to discover other ASUS routers, maybe for AiMesh?

Latest firmware version installed - 386.2

Screenshot_2.png
 

ColinTaylor

Part of the Furniture
Actually it's Asus' infosvr, you can't disable it. Seems to be used for network printing support. There was an exploit of it that was fixed many years ago which is probably why it's being flagged.
 
Last edited:

ColinTaylor

Part of the Furniture
Yes, that's it. This was all fixed back in 2015. It's hardly surprising RMerlin can't remember it from so long ago. Even though he's listed as one of the people that fixed it. :D
 

RMerlin

Asuswrt-Merlin dev
This is a system service which is not exposed to the Internet, and is required for the router to function properly, so it can't be disabled.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top