October 3, 2023

Google Chrome is now blocking HTTP, HTTPS, and FTP access to TCP port 10080 to prevent the port from being abused in NAT Slipstreaming 2.0 attacks.

A new version of the NAT Slipstreaming vulnerability allows scripts on malicious websites to bypass a visitor’s NAT firewall, modify the routing configuration, and gain access to any TCP/UDP port on the visitor’s internal private network.

As this vulnerability only works on specific ports monitored by a router’s Application Level Gateway (ALG), browser developers have been blocking vulnerable ports that do not receive a lot of traffic.

So far, Google Chrome has been blocking FTP, HTTP, and HTTPS access on ports 69, 137, 161, 554, 1719, 1720, 1723, 5060, 5061, and 6566. Today, Google has stated that they intend to block TCP port 10080 in Chrome, which Firefox has blocked since November 2020.

Port 10080 is an attractive port for HTTP because it ends in “80” and does not require root privileges to bind on Unix systems. Once a port is blocked, users are shown an ‘ERR_UNSAFE_PORT’ error message when they attempt to access the port.

If you are currently hosting a website on port 10080, you may want to consider using a different port to allow Google Chrome to continue accessing the site.
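
The following is an added example, not part of the original article: a small audit that reads a list of service URLs and reports which ones Chrome would refuse with ERR_UNSAFE_PORT. It covers only the ports and schemes named in this article, and the host names in the sample inventory are constructed.

```python
from urllib.parse import urlsplit

# Ports named in this article only (not Chrome's full restricted-port list).
ALREADY_BLOCKED = {69, 137, 161, 554, 1719, 1720, 1723, 5060, 5061, 6566}
NEWLY_BLOCKED = {10080}
# Schemes the article says the block applies to.
AFFECTED_SCHEMES = {"http", "https", "ftp"}


def audit_url(url):
    """Return a finding string if the URL uses a blocked port, else None."""
    try:
        parts = urlsplit(url)
        port = parts.port  # None when the URL relies on the scheme default
    except ValueError:
        return "invalid port"  # non-numeric or out-of-range port
    if parts.scheme.lower() not in AFFECTED_SCHEMES:
        return None  # the article only covers HTTP, HTTPS and FTP
    if port is None:
        return None  # default ports (80, 443, 21) are not on the list
    if port in NEWLY_BLOCKED:
        return "ERR_UNSAFE_PORT: port %d newly blocked, move the service" % port
    if port in ALREADY_BLOCKED:
        return "ERR_UNSAFE_PORT: port %d already blocked" % port
    return None


def audit_inventory(urls):
    """Map each affected URL to its finding; unaffected URLs are omitted."""
    findings = {}
    for raw in urls:
        url = raw.strip()
        result = audit_url(url)
        if result:
            findings[url] = result
    return findings


# Constructed sample inventory (hypothetical hosts).
SAMPLE = [
    "http://intranet.example:10080/wiki",
    "https://[fd00::10]:5061/",
    "http://build.example:8080/",
    "https://portal.example/",
    "ftp://files.example:69/pub",
]

if __name__ == "__main__":
    for url, why in audit_inventory(SAMPLE).items():
        print(url, "->", why)
```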
