Re: RBR50 Vulnerable to CVE-2019-15126?

StrongFish · ‎2020-02-28

Are the Orbi mesh WIFI router/waps vulnerable to kr00k (CVE-2019-15126)? If so, when will a patch be released. It seems the last firmware patch was released quite some time ago.

Thanks!

tomschmidt · ‎2020-03-01

Looking up CVE-2019-15126, it appears to affect devices that use certain Broadcomm WiFi chips. The Orbi uses a Qualcomm WiFi control chip which is currently not listed for this CVE.

CrimpOn · ‎2020-03-01

Thanks for the reassurance. I have been unsuccessful in searching for a description of the component parts in Orbi models.

I found the FCC filing for the RBR50, but the pictures are too blurry to read the chip information.

Is there a web page somewhere showing the chips in each model?

FURRYe38 · ‎2020-03-01

Is there a link to this CVE?

@StrongFish wrote:
Are the Orbi mesh WIFI router/waps vulnerable to kr00k (CVE-2019-15126)? If so, when will a patch be released. It seems the last firmware patch was released quite some time ago.

Thanks!

CrimpOn · ‎2020-03-01

I did a Google and the first hit was perfect.

FURRYe38 · ‎2020-03-01

Heres the link:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15126

@Blanca_O

@Christian_R