Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Bad news concerning TP-Link routers’ critical security flaws  (Read 403 times)

Weaver

  • Kitizen
  • ****
  • Posts: 4004
  • Retd sw dev; A&A; 3 × 7km ADSL2; IPv6; Firebrick
Logged

Chunkers

  • Reg Member
  • ***
  • Posts: 298
  • Brick Wall head-banger
Re: Bad news concerning TP-Link routers’ critical security flaws
« Reply #1 on: February 15, 2017, 05:40:55 AM »

In my opinion TP-Link support for firmware updates appears sadly lacking and a good reason to be cautious before buying their products, although the hardware is generally good value.

My TL-ER5120 is a good unit and is still on sale but it has issues and bugs (DNS related in my case) and the last firmware update was February 2014!

For me, this is the whole thing that drove me to pfSense.  The manufacturers are focused on pumping out hardware, attracting new customers and not supporting existing ones.

Chunks
Logged

Chrysalis

  • Content Team
  • Kitizen
  • *
  • Posts: 4430
Re: Bad news concerning TP-Link routers’ critical security flaws
« Reply #2 on: February 15, 2017, 08:49:51 AM »

Yep and its even a thing now to rollout new hardware for the sake of rolling out a software feature.
Logged
Sky Fiber Pro - Billion 8800NL bridge & PFSense BOX running PFSense 2.4 - ECI Cab

ejs

  • Kitizen
  • ****
  • Posts: 1258
Re: Bad news concerning TP-Link routers’ critical security flaws
« Reply #3 on: February 15, 2017, 03:06:16 PM »

Spoilsport.

That "critical security vulnerability" is exactly the kind of thing I've been trying to do, to gain telnet access for getting DSL stats. It's quicker than having to upload a config file, so worth trying on other models, before it gets fixed of course. The "vulnerability" amounts to if you know the admin username and password, then with local network access to the device, you can get yourself proper shell access. You could consider it a way to unlock the device, rather than a vulnerability.

The open SNMP port in the iptables firewall configuration applies to a lot of models, the TD-W8970v1 and TD-W9980 being the models I've looked at.
Logged
 

anything