Fn352: redirected to CERT-announced vulnerability of TP-Link modem/router

2015-12-28T22:27:03Z

redirected to CERT-announced vulnerability of TP-Link modem/router

← Older revision		Revision as of 22:27, 28 December 2015
Line 1:		Line 1:
	~~Please contact NCF or bring it over if you are unsure on how to proceed.~~		#REDIRECT [[CERT-announced vulnerability of TP-Link modem/router]]

	~~As long as you have the following hardware versions and the latest corresponding firmware versions installed, then you are not affected.~~
	- TD-~~W8951ND: hardware v5, v6; firmware TD-W8951ND_V5_141114, TD-W8951ND_V6_141027~~
	~~- TD-8816: hardware v8; firmware TD-8816_V8_140311~~

	~~Firmware version can be identified by executing the following steps:~~
	~~- Verify hardware version - how to find hardware version, see http://www.tplink.ca/en/Article/?id=46~~
	~~- Connect your desktop or laptop to the modem via Ethernet cable - this can't be done via Wi-Fi!~~
	~~- Launch a browser and type in the URL 192.168.1.1~~
	~~- User: admin, PW: NCF_DSL_PW~~
	~~- Click on the Maintenance tab~~
	~~- Click on the Firmware tab and verify that your version is as indicated above~~


	~~1. If your~~ modem ~~is marked as v5 or v6, apply firmware update 141114 immediately.~~
	2. Vulnerability is blocked from the Internet by disabling WAN ACL (log to 192.168.1.1, enter admin/DSL password, click on Access management, verify ACL is Activated, Interface LAN is selected. NCF started verifying this on all modems since July/~~August 2014. NCF checked and Remote Management is disabled.~~
	~~3. Vulnerability is blocked from the LAN by using a strong Wi-Fi password (NCF applies DSL password here). If your Wi-Fi is open, your modem is open to any attack.~~

Xx175: Created page with 'Please contact NCF or bring it over if you are unsure on how to proceed. As long as you have the following hardware versions and the latest corresponding firmware versions insta…'

2014-12-31T16:12:26Z

Created page with 'Please contact NCF or bring it over if you are unsure on how to proceed. As long as you have the following hardware versions and the latest corresponding firmware versions insta…'

New page

Please contact NCF or bring it over if you are unsure on how to proceed.

As long as you have the following hardware versions and the latest corresponding firmware versions installed, then you are not affected.
- TD-W8951ND: hardware v5, v6; firmware TD-W8951ND_V5_141114, TD-W8951ND_V6_141027
- TD-8816: hardware v8; firmware TD-8816_V8_140311

Firmware version can be identified by executing the following steps:
- Verify hardware version - how to find hardware version, see http://www.tplink.ca/en/Article/?id=46
- Connect your desktop or laptop to the modem via Ethernet cable - this can't be done via Wi-Fi!
- Launch a browser and type in the URL 192.168.1.1
- User: admin, PW: NCF_DSL_PW
- Click on the Maintenance tab
- Click on the Firmware tab and verify that your version is as indicated above

1. If your modem is marked as v5 or v6, apply firmware update 141114 immediately.
2. Vulnerability is blocked from the Internet by disabling WAN ACL (log to 192.168.1.1, enter admin/DSL password, click on Access management, verify ACL is Activated, Interface LAN is selected. NCF started verifying this on all modems since July/August 2014. NCF checked and Remote Management is disabled.
3. Vulnerability is blocked from the LAN by using a strong Wi-Fi password (NCF applies DSL password here). If your Wi-Fi is open, your modem is open to any attack.

Special - Revision history

Fn352: redirected to CERT-announced vulnerability of TP-Link modem/router

Xx175: Created page with 'Please contact NCF or bring it over if you are unsure on how to proceed. As long as you have the following hardware versions and the latest corresponding firmware versions insta…'