Head blueLogoText.gif NCF HelpWiki
Help | StartPage

Misfortune Cookie Vulnerability

From Support
Revision as of 13:59, 31 December 2014 by Fn352 (talk | contribs) (better link)
Jump to navigation Jump to search

In December 2014 Carnegie Mellon University CERT announced that some routers and DSL gateways have vulnerabilities that have existed in the firmware since 2002. further info. Please contact NCF or bring it over if you are unsure on how to proceed.

As long as you have the following hardware versions and the latest corresponding firmware versions installed, then you are not affected.

  • TD-W8951ND: hardware v5, v6; with firmware TD-W8951ND_V5_141114 or TD-W8951ND_V6_141027
  • TD-8816: hardware v8; firmware TD-8816_V8_140311

Firmware version can be identified by executing the following steps:

  • Verify hardware version - how to find hardware version, see http://www.tplink.ca/en/Article/?id=46
  • Connect your desktop or laptop to the modem via Ethernet cable - this can't be done via Wi-Fi!
  • Launch a browser and type in the URL 192.168.1.1
  • User: admin, PW: NCF_DSL_PW
  • Click on the Maintenance tab
  • Click on the Firmware tab and verify that your version is as indicated above

Notes:

  1. If your modem is marked as v5 or v6, apply firmware update 141114 immediately.
  2. Vulnerability is blocked from the Internet by disabling WAN ACL (log to 192.168.1.1, enter admin/DSL password, click on Access management, verify ACL is Activated, Interface LAN is selected. NCF started verifying this on all modems since July/August 2014. NCF checked and Remote Management is disabled.
  3. Vulnerability is blocked from the LAN by using a strong Wi-Fi password (NCF applies DSL password here). If your Wi-Fi is open, your modem is open to any attack.