Is it safe to downgrade Orbi firmware from 2.7.3.22 to older ones?

---

thebadpete wrote:

 Is it safe for me to downgrade the Orbi firmwire back to my previous version? Anyone has done downgrades before?

---

There are two separate issues in these questions.

What does safe mean?  Netgear's release notes refer to (a) fixing the DNS issue from last March when Daylight Saving Time and Traffic Meter are enabled, and (b) Fixes security vulnerabilities (which are not identified).  Leaving Traffic Meter disabled takes care of the first situation.  I have no earthly idea how a person would evaluate the security fixes.  Are they serious?  Relevant to ordinary users?  No idea.

My own guess is that those vulnerabilities are mostly aimed at threats from inside the LAN or when the web interface is exposed to the internet.  Safe in the sense of, "will my Orbi funtion if it is rolled back?", the answer is certainly "it wll".  It worked with that firmware for months (or years).  It will work again.

The issue with loading previous firmware is how to prevent the Orbi from updating itself right back to V2.7.3.22.  There are two methods which have been proven to work:

1. Insert a router ahead of the Orbi which blocks access to Netgear's firmware update web sites.  No access equals no auto-update. Under $50 will buy a decent router which will do this.  Put the Orbi in AP mode and that new router can be used for port forwarding.
2. Load previous firmware which supports telnet and change the file firmware_version to start with a larger number than any Orbi firmware, such as V9.2.7.104. The downside with this method is that this file will get replaced any time the Orbi reboots, such as after a power outage, and the hack will have to be done again.

It is truly distressing that firmware V2.7.3.22 has caused horrible problems for so many people and Netgear's firmware development/release process takes so long.  That DNS problem arose in March (with Daylight Saving Time) and firmware to fix the issue came out in August (5 months).