Welcome to TP-LINK Tech Support Forum
+ Reply to Thread
Results 1 to 8 of 8
  1. #1
    Members
    Join Date
    Mar 2014
    Location
    Australia
    Posts
    2

    TD-W8901g DNS redirect hack. Please FIX FIRMWARE!

    Region : Australia

    Model : TD-W8901G

    Hardware Version : V3

    Firmware Version : 3.0.1 Build 100603 Rel.26888

    ISP :


    I know this is an old modem, but a company had an obligation to fix security exploits!

  2. #2
    Members
    Join Date
    May 2014
    Location
    Italy
    Posts
    2

    Thumbs up

    Quote Originally Posted by crazyazz View Post
    Region : Australia

    Model : TD-W8901G

    Hardware Version : V3

    Firmware Version : 3.0.1 Build 100603 Rel.26888

    ISP :


    I know this is an old modem, but a company had an obligation to fix security exploits!
    Same problem:
    Model : TD-W8901G
    Hardware Version : V3
    Firmware Version : 3.0.1 Build 100901 Rel.23594
    ISP : Infostrada

    DNS regularly change also resetting the Router.

    Refers to: http://arstechnica.com/security/2014...cious-changes/

    Is not a good advertising for TP-Link

  3. #3
    Members
    Join Date
    May 2014
    Location
    Italy
    Posts
    3

    Thumbs up What will you do if they do not fix it?

    Quote Originally Posted by crazyazz View Post

    I know this is an old modem, but a company had an obligation to fix security exploits!
    I agree with you but what would you do if the Customer care tells you that since it is no longer in production they are not planning to release a new firmware (I called them ten minutes ago)???

    I have been a huge fan of TP-Link in the past years, suggesting it to tenths of friends and customers, but with this unpredictable attitude from the technical support I am afraid I will have to review my opinion thoroughly and, I hope, you will do the same.

  4. #4
    Members
    Join Date
    May 2014
    Location
    italy
    Posts
    3
    Hi
    That was their response?
    "since it is no longer in production they are not planning to release a new firmware "
    I'm italian too, from perugia, i have td-w8901g v3.1 and i think that tp-link should release a new firmware also out of warranty.
    I was attacked yesterday with this dns redirect ,i dunno if from a site or whatelse.
    mbagni : what models of tp-link new routers (with modem adsl2+switch+ access point wireless N) do you know don't have this vulnerability/exploit of the firmware ?
    Maybe i will buy a new router, pheraps tp-link brand, and i must choose the model. a cheap model. or from another brand.
    Should be better to avoid tp-link if they don't release a fixed firmware !!
    Last edited by meow81; 05-18-2014 at 14:20.

  5. #5
    Members
    Join Date
    May 2014
    Location
    Italy
    Posts
    3

    Angry

    Quote Originally Posted by meow81 View Post
    mbagni : what models of tp-link new routers (with modem adsl2+switch+ access point wireless N) do you know don't have this vulnerability/exploit of the firmware ?
    I nave your same model, but it seems that the faulty firmware is present also in the new models.

    http://cxsecurity.com/issue/WLB-2012100027

    And is affecting also other brands.

    Maybe the cure could be to configure, for the wifi network card in you PC/tablet having a user defined DNS server, like the google one (8.8.8.8), so if the malware resets your modem you can still navigate safe!

  6. #6

  7. #7
    Members
    Join Date
    May 2014
    Location
    italy
    Posts
    3
    I have kaspersky 2014 antivirus (also kaspersky pure in another pc) and it prevents/inhibits the dns change in a pc where it is installed, also while the dns in the router is changed.
    But i don't know if the inhibition is because/from the wifi network card user defined dns change (google dns) or because/from the antivirus.
    I had switched to the google dns months ago.

    Jimasek i need to know if are right these changes:
    from access management - acl

    active : yes
    secure ip address: 0.0.0.0 - 0.0.0.0 (all ips)
    application : all
    interface: lan

    explanation : for using a pc with an ethernet cable to the lan, a pc physically linked to router switch and it can modify router settings.


    And another rule:

    active :yes
    secure ip address : 192.168.1.2 - 192.168.1.5

    explanation: because when i connect 4 devices in wireless they use those ips and those devices can modify router settings remotely.. with url 192.168.1.1 in broswer, giving password and modifying settings.

    application : web
    interface : both
    Last edited by meow81; 05-19-2014 at 13:49.

  8. #8
    Members
    Join Date
    May 2014
    Location
    italy
    Posts
    3
    they replied to my email :

    Gentile Cliente,
    i prodotti end of life da pił di 3 anni non sono pił sviluppati.
    Grazie per aver contattato il Supporto Tecnico TP-LINK, che rimane naturalmente a Sua completa disposizione.

    i prodotti end of life da pił di 3 anni non sono pił sviluppati. ---> the end of life products from more than 3 years are no longer developed.


 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Copyright © 1996-2014 TP-LINK Technologies Co., Ltd. All rights reserved.

vBulletin Skin By: ForumThemes.com