- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- « Previous
-
- 1
- 2
- Next »
Re: R7000 & R6400 Vulnerability Note VU#582384
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: R7000 & R6400 Vulnerability Note VU#582384
Hi
Just update firmware of my R7000 Router to beta 1.0.7.6 and would like to know if others also experience the following behaviour (used MS Edge for testing):
1. Go to router start page (in my case 192.168.1.1) and click cancel, meaning do not enter username and password
2. Enter the poc url http://192.168.1.1/cgi-bin/;telnetd$IFS-p$IFS'45' into the address bar and click cancel when it asks for username and password. 404 not found message appears
3. Entering again router start page 192.168.1.1 doesn't ask for username and password know and I am automatically logged in to the management console?!
Is this working as desgined or still a bug in the beta firmware?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: R7000 & R6400 Vulnerability Note VU#582384
Perhaps a cached page? Did you delete browsing history and cached?
Though I don't have Edge, I'm not getting this on IE, Firefox and Chrome.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: R7000 & R6400 Vulnerability Note VU#582384
Will the updated firmware wipe out all my settings? The technote says:
"Write down all the settings which you changed from the default values, since you may need to re-enter them manually."
But does it actually wipe them out? And, if so, will backing up the settings w/ my current firmware allow me to successfully restore them after flashing the beta firmware?
I have a pretty large port forwarding and DHCP reservation tables and would need ot set aside considerable time to re-enter everything if I had to.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: R7000 & R6400 Vulnerability Note VU#582384
You should prepare just in case to be able to re-enter your settings manually e.g. if you need to do a factory reset after the upgrade.
I had no problems but then I have a very simple configuration on my R7000.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: R7000 & R6400 Vulnerability Note VU#582384
That's good advice, but I'm really wondering if others have flashed the beta and can confirm that their settings remained intact or, at least, that the new firmware is able to successfully restore settings backed up with the prior firmware.
You guys must have tested this in the lab, yes? Did it work for you?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: R7000 & R6400 Vulnerability Note VU#582384
I do recall a similar experience with Chrome browser right after I updated to the beta firmware. As @ElaineM said, it probably was a cached page. That was my immediate guess when I saw my router showed me the administration page without loggin in, and I re-started my brower and then was asked to log into the router.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: R7000 & R6400 Vulnerability Note VU#582384
After update to the beta firmware, I verified that all my settings on the router are intact. The settings I had customized and tuned to my likings are
- Internet Setup
- Wireless Setup
- LAN Setup
- Guest Network
- Device Name
- ReadySHARE Storage
- Wireless Settings
- Port Forwarding
- VPN Service
- Remote Management
I can report all those settings have not been changed.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: R7000 & R6400 Vulnerability Note VU#582384
Confirmed! Router is updated and prior preferences remained.
Thanks for the reply. Gave me just the confidence I needed to take the plunge.
But yes, I wrote everything down prior anyway. 🙂
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi All,
The Security Advisory for VU 582384 has been updated.
Also, for more information and update see the thread below.
- « Previous
-
- 1
- 2
- Next »
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more