Welcome to TP-LINK Tech Support Forum
  1. #31
    Please fix it with C7v2 and C1200.

  2. #32
    So this is the only official response yet from TP-link? I find it odd that I had to search on Google to find an official response, tucked away on a forum. There's absolutely nothing about this on the front-page, and this is a major security vulnerability. Come on! Considering that you have had months to prepare for this, the lack of information is inexcusable.


    I have a TL-WR1043ND, and one thing is for sure, if TP-link doesn't patch or give me any information about this, then I will never buy another product from TP-link again, and I will also make sure to go out of my way to advise people against buying anything from this company whenever the topic of routers comes up.

  3. #33
    helpful hints to management

    1. regardless of this issue, all sites should now be https. ex. this forum and router admin. this is 2017. talk to your security team!

    2. you need a much better security incident response plan. do you have a CISO? if so they are not doing great.

    3. you had time to address this before it went public. don't make excuses, be honest and communicate better with your customers.

    4. people care about security. this will cost you sales.

  4. #34
    Administrator tplink has disabled reputation
    Join Date
    Mar 2012
    Posts
    443
    Hi All,

    Please pay attention to the latest updates. If you're using a TP-Link router working in the default router mode or access point mode, please don't worry, as it actually won't be affected by the vulnerabilities. However, we will still release updates in weeks to fix the vulnerabilities that apply when the router is working in the WDS bridging mode, which is disabled by default and rarely used in most user cases. As for range extenders that are working in the RE mode, we will release fixes as soon as possible. Thanks.

  5. #35
    Administrator tplink has disabled reputation
    Quote, originally posted by tonbenron:
        So this is the only official response yet from TP-link? I find it odd that I had to search on Google to find an official response, tucked away on a forum. There's absolutely nothing about this on the front-page, and this is a major security vulnerability. Come on! Considering that you have had months to prepare for this, the lack of information is inexcusable.

        I have a TL-WR1043ND, and one thing is for sure, if TP-link doesn't patch or give me any information about this, then I will never buy another product from TP-link again, and I will also make sure to go out of my way to advise people against buying anything from this company whenever the topic of routers comes up.

    Are you using the WDS Bridging feature with TL-WR1043ND? If not, you won't be affected by the vulnerabilities.

  6. #36
    Administrator tplink has disabled reputation
    Quote, originally posted by ic3b34r:
        Please fix it with C7v2 and C1200.

    Your C7 will not be affected if you use the default router mode or set it up as an access point.
    As for C1200, the model doesn't support WDS function, thus it won't be affected.

  7. #37
    Administrator tplink has disabled reputation
    Quote, originally posted by jgu:
        TP-Link: you were notified of this vulnerability more than 90 days ago. During that embargo period you should have researched the issue and prepared suitable updates. What the hell have you been doing?

    Please pay attention to the participants of the vulnerability meeting. Not all the manufacturers were aware of this vulnerability until the author published it on October 16th. The author didn't make it widely known due to security considerations.
    However, TP-Link have worked with the chipset provider to get fixes for customers. We will keep you updated about the process.

  8. #38
    Administrator tplink has disabled reputation
    Quote, originally posted by Radar:
        WEEKS (!) Come on TP-Link this isn't something you can address over the 'coming weeks' - You have to address it NOW. Even if it's to say that nothing needs doing. Your rivals seem to be releasing patches all over the place.

        Would you please also remember that customers running some of your more legacy equipment models may well be affected. It would be nice to see for instance, my Archer D9 receive an update if it is deemed necessary.
        Some of us are quite happy with these legacy goods but would definitely be more than happy to look at rival products from other vendors (that have been patched) should the necessity for new equipment arise in the near future.

    Please pay attention to the latest updates.
    The vulnerabilities target the Wi-Fi clients only. Thus if your Archer D9 works in the default router mode, you won't be affected by the clients. Just update your Wi-Fi clients, such as laptops and smartphones, to avoid the security vulnerabilities.

  9. #39
    Administrator tplink has disabled reputation
    Quote, originally posted by mattp_eng:
        Our business uses EAP245's and it was their initial value that led us to choose them but it's this response that makes us really regret not spending slightly more to go with the Ubiquiti access points. If we had Ubiquiti access points we would have been able to apply the patch yesterday and move on.

        As others have noted in some other threads here, most of us smaller business users can't risk our engineering data being vulnerable, so we simply unplugged all of our access points until TP-LINK can get their act together.

        I'd personally recommend that any business user seriously consider another OEM for any professional network based on this pathetic response.

    The EAP series doesn't have a wireless WDS bridging function to make it act as a Wi-Fi client. Thus the EAP series will never be affected by the WPA2 vulnerabilities. So don't worry about your network security provided by EAP245. What you need to do is update your Wi-Fi clients.
    Ubiquiti patches their products because their access points are associated wirelessly.

  10. #40
    Administrator tplink has disabled reputation
    Quote, originally posted by bimbam2103:
        Hello everybody.

        I can confirm that the TP-Link Archer C2 (V 1.0) has this problem. I tested it minutes ago.

        My problem is that I use this router for my server. Deactivating WLAN is not possible because I also have WLAN clients like tablets that do not have a SIM slot.

        Is it possible to close this security risk very fast and publish a firmware update, because my entire company works with this server, including the websites.

        Greetings

        bimbam2103

    If you're using Archer C2 as a wireless router, then it's not the point of the router, but your Wi-Fi clients. Even if the router has updated the latest WPA2 protocol which fixes the vulnerability, your client will still be attacked since it's using the older protocol with vulnerability. Thus just update your clients.

  11. #41
    Administrator tplink has disabled reputation
    Quote, originally posted by gladtobegrey:
        I hope that will apply to end-of-life products as well, such as my TD-W9980 (Ver 1.0).

    If you use the TD-W9980 as a DSL modem router, then you will not be affected by the vulnerabilities. What you need to do is update your clients.

  12. #42
    saying that wifi routers are not affected is wrong and not correct!

    - both the client and wifi router need to be fixed
    - it is true that if a client OR wifi router is patched then the vulnerability can't be exploited

    is tplink saying that since apple, MS, etc. have fixed the client side that tplink doesn't need to fix the wifi router end of the issue? maybe i am not understanding but this sounds like what is being said and is wrong. therefore any wifi router supporting WPA2 should be patched.

    "So again, update all your devices once security updates are available. Finally, although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks!"

    https://www.krackattacks.com/#faq

  13. #43
    Quote, originally posted by is2017:
        it is true that if a client OR wifi router is patched then the vulnerability can't be exploited

    This is wrong. The attack primarily focuses on the client and so if only the router/access point is patched, the client is still vulnerable. All clients MUST be patched.

    Ideally all routers and access-points would be patched as well. However, even the krack attacks website acknowledges that not all access points will need to be, as the vulnerability exists when they make a connection to an upstream device (i.e. wireless repeaters). I think this is what TP-Link are attempting to point out when they say not to enable wireless bridging on the devices that feature it.

  14. #44
    Administrator tplink has disabled reputation
    Quote, originally posted by is2017:
        saying that wifi routers are not affected is wrong and not correct!

        - both the client and wifi router need to be fixed
        - it is true that if a client OR wifi router is patched then the vulnerability can't be exploited

        is tplink saying that since apple, MS, etc. have fixed the client side that tplink doesn't need to fix the wifi router end of the issue? maybe i am not understanding but this sounds like what is being said and is wrong. therefore any wifi router supporting WPA2 should be patched.

        "So again, update all your devices once security updates are available. Finally, although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks!"

        https://www.krackattacks.com/#faq

    Just as I said, TP-Link will patch the routers as well in weeks. And routers are only affected in WDS bridging mode.
    The vulnerability mainly targets the Wi-Fi clients, thus if you don't get the router (in default router mode or AP mode) patched through the router, you won't be attacked. If you get the router patched, but the Wi-Fi clients are not patched, you are likely to be attacked.

  15. #45

    It's not really true that APs are not affected if not used in client or repeater mode

    Hi TP-Link,
    I would kindly ask you to review your statement that APs/routers are not affected if not used in client or repeater mode, for the reason below:
    If you check the dedicated KRACK research paper at https://papers.mathyvanhoef.com/ccs2017.pdf you can see that the reason a client can be "attacked" by KRACK is also due to the AP/router implementation, as follows:

    In the research paper you can read:


    "In practice, we found that several APs indeed accept an older replay
    counter. More precisely, some APs accept replay counters that were
    used in a message to the client, but were not yet used in a reply
    from the client (see column 2 in Table 2 on page 8). These APs
    will accept the older unencrypted message 4, which has the replay counter r+1 in Figure 4."

    So maybe you should check if your router/AP is accepting an older replay counter.


    In addition, it seems the technique below can also be used against APs, as per the research paper:
    "it is still possible to indirectly attack them by performing a key reinstallation attack against the AP during an FT handshake" (see Section 5 - A Key Reinstallation Attack against the AP):

    "This attack technique requires us to wait until a rekey of the
    session key occurs. Several APs do this every hour [66], some examples
    being [24, 26]. In practice, clients can also request a rekey by
    sending an EAPOL frame to the AP with the Request and Pairwise
    bits set. Coincidently, Broadcom routers do not verify the authenticity
    (MIC) of this frame, meaning an adversary can force Broadcom
    APs into starting a rekey handshake. All combined, we can assume
    a rekey will eventually occur, meaning an adversary can carry out
    the key reinstallation attack."


    So maybe you should check whether your APs/routers are affected by "not verify the authenticity (MIC) of this frame".

    So I would really kindly ask you to re-check whether your products are affected and support us as your customers with a fix on the AP/router side (in my case W8970)

    Thanks in advance for your understanding!
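
A toy model of the two AP-side checks the post above asks the vendor to make, added here as an illustration and not part of the original post, the paper's code, or any TP-Link firmware: whether a reply carrying an older replay counter is accepted, and whether a rekey Request frame is accepted without MIC verification. The class, the policy flags and the frame bytes are hypothetical; the MIC is modeled as HMAC-SHA1 truncated to 16 bytes over a stand-in frame body.

```python
import hashlib
import hmac

class Authenticator:
    """Toy AP-side model of EAPOL-Key checks (constructed, not real 802.11 framing)."""

    def __init__(self, kck, latest_only, verify_request_mic):
        self.kck = kck                          # key confirmation key for the MIC
        self.latest_only = latest_only          # replay-counter policy under test
        self.verify_request_mic = verify_request_mic
        self.counter = 0                        # last replay counter the AP sent
        self.outstanding = set()                # counters sent, not yet answered

    def send_key_frame(self):
        """AP sends or retransmits a handshake message with a fresh counter."""
        self.counter += 1
        self.outstanding.add(self.counter)
        return self.counter

    def accept_reply(self, replay_counter):
        """Return True if a client reply carrying this counter is accepted."""
        if self.latest_only:
            ok = replay_counter == self.counter
        else:
            ok = replay_counter in self.outstanding
        if ok:
            self.outstanding.clear()
        return ok

    def accept_rekey_request(self, frame, mic):
        """Return True if a client Request frame may start a rekey handshake."""
        if not self.verify_request_mic:
            return True                         # MIC not checked, as in the quoted passage
        expected = hmac.new(self.kck, frame, hashlib.sha1).digest()[:16]
        return hmac.compare_digest(expected, mic)

def audit(latest_only, verify_request_mic):
    """Run both checks from the post against one policy; True means accepted."""
    kck = bytes(range(16))                      # constructed test key
    ap = Authenticator(kck, latest_only, verify_request_mic)
    older = ap.send_key_frame()                 # message 3, counter r+1
    ap.send_key_frame()                         # retransmission, counter r+2
    frame = b"EAPOL-Key Request|Pairwise"       # constructed stand-in frame body
    return {
        "older_counter_accepted": ap.accept_reply(older),
        "unauthenticated_rekey_accepted": ap.accept_rekey_request(frame, bytes(16)),
    }

if __name__ == "__main__":
    print("lax:   ", audit(latest_only=False, verify_request_mic=False))
    print("strict:", audit(latest_only=True, verify_request_mic=True))
```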


 
