acher vr600 v2 cve 2017 bug (update) new firmware coming

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

acher vr600 v2 cve 2017 bug (update) new firmware coming

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
acher vr600 v2 cve 2017 bug (update) new firmware coming
acher vr600 v2 cve 2017 bug (update) new firmware coming
2018-04-28 17:47:33
Model : Hardware Version : Firmware Version : ISP : i have a new archer vr600 v2 vdsl router avast home network as reported my vr600 as a cve 2017 bug which is not good any one eles got this bug by avast anti virus as i did a scan on my uk talk talk 633 router and its come up perfect i screen shot the pc screen see attecments files
File:
Screenshot (2).jpgDownload
Screenshot (3).jpgDownload
Screenshot (4).jpgDownload
  0      
  0      
#1
Options
8 Reply
Re:acher vr600 v2 cve 2017 bug (update) new firmware coming
2018-04-29 18:01:11
Yes you aren't alone, I've been trying to get this looked at in the Soho section for weeks now and either nobody looks at it or the company isn't interested in sorting it out so don't expect any help anytime soon,

BT homehubs have been updated and still show the issue from what I've read and the only info I can find that shows anyone that has bothered to update is Asus and even on old models,

Pretty poor imo, it's only been like it since Sept 2017 but even so Avast has only been flashing it up since Feb 2018, before that I used to get a default password warning on the USB media settings from Avast but this has now vanished to be replaced by the CVE warning so who knows, Avast does throw false positives but in this case the CVE is well known across the board, I assume it's the 14491 one you're getting.
  0  
  0  
#2
Options
Re:acher vr600 v2 cve 2017 bug (update) new firmware coming
2018-04-30 16:20:05
yes 14491 i submitted the screen shots so a senior tech going to look in to it
  0  
  0  
#3
Options
Re:acher vr600 v2 cve 2017 bug (update) new firmware coming
2018-05-04 15:03:43
TPLink has received the security vulnerabilty report from Google and we keep following on this problem.
At present this security vulnerability has been fixed and the new firmware is on checking. Please pay attention on the firmware update of your TPLink router.

Technologically, someone need to connect your router and attack.So before the firmware released, please manage your TPLink router and do not let others know your admin password and do not let unknown people to connect your network before the router is updated
  0  
  0  
#4
Options
Re:acher vr600 v2 cve 2017 bug (update) new firmware coming
2018-05-20 06:18:18
Well Jason let me say thx for your efforts chasing this up,BUT!2 weeks on and nothing,nadda,diddly squat and any other term for we dgaf,Looking across the regions at the various models that TPL offers everyone is stuck on 2016 FW if they are lucky and things don't look likely to change anytime soon imo, nice products let down by lousy backup and non existent support,Some news from a company representative would be nice but again, nothing,nadda etc, obviously any future router purchases require a darn good researching before unloading the folding, had I known just how poor TPL support is I wouldn't have bought my unit,The last line you posted is hilarious, perhaps if we only surf with the lights off nobody will notice us and leave us alone, or if we go outside and shout out "my wifi password is TPLinkabcdef123456" we'll be ok cos nobody will be able to remember it by the time they get the log page up, and as for letting unknown people connect to you? well that one is really funny, "hey mate save your phone allowance and just tag on to our connection eh"Really feeling let down tbh, I still think the model I chose is a fine unit, just let down by the mechanic not checking the oil often enough,Anyway thx again for your efforts even though they as I suspected will be all for nothing because it looks like TPL are simply bluffing it's customers off with BS and have no intention of updating any of their products, on the upside my TPL unit is probably 50X better than the lump of 99 cents crap the ISP provided,C'mon TPL get your finger out and have a Google list brimming with praise for you instead of the current one that says NO SUPPORT!And now my reply has squashed itself up into an unreadable one line of text, why am I not surprised.
  0  
  0  
#5
Options
Re:acher vr600 v2 cve 2017 bug (update) new firmware coming
2018-05-20 06:23:51
NOTHING sweet FA! Thanks for trying Jason but it's as I thought it would be, no support, no update and no more TP Link products for me.
  0  
  0  
#6
Options
Re:acher vr600 v2 cve 2017 bug (update) new firmware coming
2018-05-21 03:29:12
Yes support is rubbish do the company look at these forums£80 worth off router put back In the box thanks to link My fault for buying China crap again I get back in touch if don’t sort it there give me a refund
  0  
  0  
#7
Options
Re:acher vr600 v2 cve 2017 bug (update) new firmware coming
2018-05-21 05:56:24
It's a dam fine unit tbh Jason, it's let down by support though, you may want to think it through a bit before returning it, £80 doesn't buy much of a router and especially with the feature set which can help negate the issue anyway if you configure it to do the best it can,Ensure you have the SPi walls enabled and the DoS flooding set to max, don't bother with Mac filtering and white/blacklisting unless you spot a Mac addy that you know doesn't belong on your network, you can also change the default 192 login to something other than 1 and Mac lock it to only one device to manage it from, although Mac cloning/spoofing may get round this as well and hence why I said don't spend hours adding Mac's in the filtering list, ensure you change the USB settings to use a new set of username and password and turn it off totally anyway as it's a bit of a "err yeah" function anyway, and remember with wifi passwords longer is better and random is best, being as the guest wifi is also WP2 and AES you can effectively use two sets of long random passwords along with AP isolation to close as many doors as you can,At the end of the day though nothing is perfect and only now are they waking up to the fact that the router is as much a doorway in as a c'mon in unsecured OS, to save you a lot of searching the only routers I've found that have been masq updated that you will find in the normal sort of places are Asus ones but the kicker is the units are all 3-5 years old now by design and even though they have this all singing thing included by Trend Micro to keep the unwanted out Trend Micro ain't exactly a leader in staying up to date, infact Malwarebytes does much the same thing anyway if you have the paid version that works in real time,So in summary, the 600 is a cracker of a unit let down by slow programming at the factory, I'd go so far as to say it trumps the 900 unit in everything other than synthetic wifi speeds, I'm hoping they will hit us up with an update and soon and if anything it maybe that they want to release it right first time rather than cause a new set of problems with a dodgy FW release, it would be nice if there was some sort of comms update though rather than this silence we seem to see when things need attention.
  0  
  0  
#8
Options
Re:acher vr600 v2 cve 2017 bug (update) new firmware coming
2018-08-13 18:09:56
Just a update I been using my isp router as every time I use the vr600 It goes slowAvast still tells me the bug so had a 3 hr chat with tp link showed my router bug with the dns Well it’s gone to firmware techs and now got a reply that there be a firmware update soon as there can Finally I can use my archer 600 again yeah
  0  
  0  
#9
Options

Information

Helpful: 0

Views: 1255

Replies: 8