@Kevin_Z and @Sunshine 

Hi, for the MR600 V3:

is the FW Archer_MR600v3_1.1.0_0.9.1_[230308-rel33431]_up_boot_2023-03-08_09.25.04 linked in your post

an updated version of Firmware Version:‪1.1.0 0.9.1 v0001.0 Build 230131 Rel.60060n_Beta (which Beta was installed by TP Link Service last year when testing the 4G+ bugs discussed elsewhere)?

The date of the FW version that you posted would suggest so (230308 vs 230131), but the Release number (rel33431 vs 60060n_Beta) may suggest the Beta is more up to date? Even though the Beta does not include the option to disable OneMesh Hidden SSID / Wifi signal?

When will TP Link provide an official FW Update fixing the OneMesh Hidden AND the 4G+ issue (incl. CA options to aggregate same bands (e.g. B7 + B7) - for which pls reach out to your team whom I have described this further issue in an email)?

Thanks

  @Sunshine 

Thanks for clarifying.

So when will the new FW be published on the Official Support / Download pages? Both the German and the UK sites only offer MR600(EU)_V3_220307 (https://www.tp-link.com/de/support/download/archer-mr600/#Firmware and https://www.tp-link.com/uk/support/download/archer-mr600/#Firmware )

I will try the FW for the MR600 V3  that you have made available in this post/thread.

  @Kevin_Z 

Hi, I have an MR 500 and am still waiting for a firmware upgrade. Can you please inform us as to whether this is due out VERY soon? If not, I'll be requesting a full refund as I specifically purchased a device with a wifi on/off button for a reason! 

Thanks

@Kevin_Z @Sunshine @Marvin_S My router is on the list in the original post, I could install the relevant beta. Two questions:

1. Do all your betas proceed to the official release stage, or are some held off indefinitely? The we only release a new version when there is a bug/flaw/vulnerability to patch or a new feature to add line suggests the latter, unfortunately, because you folks clearly don't see this problem as a vulnerability.
2. On your firmware download panels there are big Please upgrade firmware from the local TP-Link official website of the purchase location for your TP-Link device, otherwise it will be against the warranty warnings & smaller This firmware cannot be degraded to the previous version info. So if I venture to install the beta, I'll void my warranty & I might be unable to re-flash the device?

(A few explanations:

1. Why did I buy a OneMesh device if I don't want to use OneMesh?
   I had no idea that OneMesh was a thing. I needed a non-dirt-cheap device with carrier aggregation. I only learnt about OneMesh from the firmware GUI.
2. Why do I think that this is a vulnerability, not a normal feature?
   You write about high-intensity random password, referring to a brute-force attack. Fine, but this is only one penetration technique, authentication bypass is another. You can't guarantee that your firmware is immune to the latter type (no one can, claims to the contrary would be puffery or hubris), so you should allow your users to reduce their attack surface, i.e. to disable all unused networks. Now we can't even decrease OneMesh transmit power directly, we need to do that for the regular wireless networks & hope that OneMesh will respect these settings even after releasing the WiFi button on the router.
3. Why am I surprised that releasing the WiFi button doesn't turn OneMesh off?
   OneMesh is clearly a wireless network, like WiFi and unlike LAN. If for whatever reason (marketing?) you don't want to refer to it as WiFi, no problem -- add a separate OneMesh button. Your devices aren't exactly postmark tiny, there's plenty of space for that.

See also the CNX Software article (Some) TP-Link routers enable hidden networks by default. Is that an issue?, over two and a half years old (the forum won't let me paste the link)).