Re: firmware vunnerability

fli · ‎2021-08-06

It's unbelievable that the firmware is so vulnerable:

1. admin web login with clear text password without TLS or SSL

2. The CVE-2018-10822 issue

3. No way to stop SSID broadcasting

With this price tag, could you enhence the above?

FURRYe38 · ‎2021-08-06

@fli wrote:

It's unbelievable that the firmware is so vulnerable:

1. admin web login with clear text password without TLS or SSL < Most routers don't need any TLS or SSL on the admin log in from a local side. Been like this for a long time now.

2. The CVE-2018-10822 issue< This issue is in regards to D-Link effected routers. Not NG.

3. No way to stop SSID broadcasting< Been like this since Orbi AX released.

With this price tag, could you enhence the above?

Ragar99 · ‎2021-08-06

I could find a non-broadcasted SSID in about 30 seconds on my cell. That is not security.

FURRYe38 · ‎2021-08-06

You have a screen capture of this?

@Ragar99 wrote:

I could find a non-broadcasted SSID in about 30 seconds on my cell. That is not security.

Ragar99 · ‎2021-08-07

I think you misunderstood. I am not saying Obri allows the user to hide the SSID. I meant in general it is pretty easy to find hidden or unbroadcasted SSIDs.

FURRYe38 · ‎2021-08-07

Gottcha. Very true for sure.