SMB1.0 is insecure and depreciated. Will Archer routers be updated?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

SMB1.0 is insecure and depreciated. Will Archer routers be updated?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
SMB1.0 is insecure and depreciated. Will Archer routers be updated?
SMB1.0 is insecure and depreciated. Will Archer routers be updated?
2023-05-28 04:22:18
Model: Archer AX3000  
Hardware Version: V1
Firmware Version: 1.2.2 Build 20230511 rel.51682(5553)

The FAQs for USB file sharing say SMB1.0 must be enabled, even though Microsoft disables it due to major security issues. 

When will a secure file sharing protocol be provided?

  0      
  0      
#1
Options
2 Reply
Re:SMB1.0 is insecure and depreciated. Will Archer routers be updated?
2023-05-31 00:48:18

  @cr42 

 

Most likely yes, but its probable it will only be on the current or active product at that time.  Aged model/hardware versions that have been EOL (end of life) or have updated hardware versions will likely not be updated.  For these models, customers will need to turn SMB V1 on in their Windows system and exercise caution when using the feature, such as using a complex password and limiting which devices can and cannot access the share. 

  0  
  0  
#2
Options
Re:SMB1.0 is insecure and depreciated. Will Archer routers be updated?
2023-06-01 00:52:02

  @Carl That is vey disappointing. Considering SMBv1 was depreciated over 10 years ago, and I have devices that are still for sale, including the AX55, it is shocking a protocol that has been vulnerable and replaced for that long is still in use anywhere. 

The risk is that if I open up this ancient and highly vulnerable SMBv1 protocol on any of my devices, I am then at much higher risk if I use those devices at home or especially on any other networks. This is truly terrible product development from a company that claims to be building security into thier products. 

 

 


TP-Link really, really need to hire some security staff and put them to work advising their developers. High-risk vulnerabilities should have been prevented from being included years ago.

  0  
  0  
#3
Options

Information

Helpful: 0

Views: 335

Replies: 2

Related Articles