Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Weaver]

see https://threatpost.com/updated-firmware-due-for-serious-tp-link-router-vulnerabilities/123702/

[Chunkers]

In my opinion TP-Link support for firmware updates appears sadly lacking and a good reason to be cautious before buying their products, although the hardware is generally good value.

My TL-ER5120 is a good unit and is still on sale but it has issues and bugs (DNS related in my case) and the last firmware update was February 2014!

For me, this is the whole thing that drove me to pfSense.  The manufacturers are focused on pumping out hardware, attracting new customers and not supporting existing ones.

Chunks

[Chrysalis]

Yep and its even a thing now to rollout new hardware for the sake of rolling out a software feature.

[ejs]

Spoilsport.

That "critical security vulnerability" is exactly the kind of thing I've been trying to do, to gain telnet access for getting DSL stats. It's quicker than having to upload a config file, so worth trying on other models, before it gets fixed of course. The "vulnerability" amounts to if you know the admin username and password, then with local network access to the device, you can get yourself proper shell access. You could consider it a way to unlock the device, rather than a vulnerability.

The open SNMP port in the iptables firewall configuration applies to a lot of models, the TD-W8970v1 and TD-W9980 being the models I've looked at.