Welcome to TP-LINK Tech Support Forum
+ Reply to Thread
Results 1 to 5 of 5
  1. #1
    Administrator
    Join Date
    Mar 2012
    Posts
    57

    Fixed a critical vulnerability issue related to UPnP

    Model : TD-W8960N

    Hardware Version : V4

    Following the release this week of a research paper from security firm
    Rapid7 describing vulnerabilities in the widely used Intel/Portable UPnP SDK and MiniUPnP SDK stacks, security researchers from DefenseCode announced that they identified a critical vulnerability in a separate UPnP stack developed by Broadcom and used in devices with Broadcom chipsets, including one device from TP-LINK, the TD-W8960N.
    http://www.defensecode.com/public/De...y_Advisory.pdf
    Being aware of the urgency of this issue, our R&D solved it immediately and released a beta Firmware for the customers who are worried about this problem to download.

    You can find this beta Firmware here:
    http://www.tp-link.com/en/support/do...rsion=V4#tbl_j
    At the end of February, we will release the official FW, solving the UPnP Vulnerability of TD-W8960N.

  2. #2
    Banned
    Join Date
    Nov 2012
    Location
    Canada
    Posts
    118
    Nice !

  3. #3

    8960n v3

    looks like i was hit by this vulnerability and no firmware upgrade available.

    my password was changed, but internet still worked, had to reset back to factory defaults and reupload my config.

    dunno how long before get hit again.

    upnp service is disabled but still running!

  4. #4
    Members
    Join Date
    Aug 2013
    Location
    Australia
    Posts
    2

    Firmware still Beta

    The firmware for TD-W8960N V4 is still in Beta, after 6 months. Any info on when official FW to be released?

  5. #5
    Members
    Join Date
    Apr 2014
    Location
    Australia
    Posts
    2
    Quote Originally Posted by tplink View Post
    Model : TD-W8960N

    Hardware Version : V4

    You can find this beta Firmware here:
    http://www.tp-link.com/en/support/do...rsion=V4#tbl_j
    At the end of February, we will release the official FW, solving the UPnP Vulnerability of TD-W8960N.
    Seems like even the beta firmware had been removed from the download page instead! What's going on?


 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Copyright 1996-2014 TP-LINK Technologies Co., Ltd. All rights reserved.

vBulletin Skin By: ForumThemes.com