Internet-Security.com UDP port 32764 details

UDP/32764 is known for the SerComm router backdoor, a hidden management service present in many consumer routers manufactured by SerComm and sold under brands such as Linksys/Cisco and Netgear.
After the original 2013 disclosure of the backdoor on TCP/32764, some firmware revisions shifted it to UDP/32764, where the scfgmgr service listens for a magic packet to enable remote configuration commands.
Researchers reported this on multiple SerComm-based ADSL/Wi‑Fi router models distributed by those brands in the wild.
The port has been actively targeted for exploitation, enabling unauthorized access and configuration of affected routers via public proof‑of‑concepts and internet‑wide scans.
No other widely recognized legitimate protocol or software commonly uses UDP/32764.

UDP 32764