TR-069 (CWMP)

Critical Risk

TCP — System & Infrastructure

Port Overview

Port Number 7547

Service Name TR-069 (CWMP)

Transport Protocol TCP

Category System & Infrastructure

Security Risk Critical

Port Range Registered (1024-49151)

What is Port 7547?

Port 7547 is used by TR-069 (CPE WAN Management Protocol), a standard for ISPs to remotely manage and provision customer-premises equipment like routers and modems. ISP-managed devices listen on this port for configuration commands from the ISP's Auto-Configuration Server (ACS). The Mirai botnet variant Imeij exploited vulnerable TR-069 implementations to compromise millions of routers.

TCP System & Infrastructure Commonly Used

Security Considerations

Port 7547 (TR-069 (CWMP)) is classified as critical risk. This port should not be exposed to the public internet. The service transmits data without encryption, making it vulnerable to eavesdropping, credential theft, and man-in-the-middle attacks.

Recommendation: Block this port at the firewall. Use encrypted alternatives (SSH, SFTP, HTTPS) instead.

Related Ports — System & Infrastructure

0 Reserved 1 TCPMUX 5 RJE 7 Echo 9 Discard 11 Systat 13 Daytime 15 NetStat