AC-1900 Router: Patch Available for Security Vulnerability?

magentaco

    Hi T-Mobile!

     

    I have a T-Mobile AC-1900 router with Firmware Version:3.0.0.4.376_3181.

     

    Security researches identified 2 vulnerabilities (CVE-2018-5999 and CVE-2018-6000) which, when combined, allow for Remote Code Execution from within the LAN network. Essentially, anyone on your local network (even on a separated guest network) can do anything they want to the affected ASUS routers, including RT-AC86U routers with Firmware versions below 3.0.0.4.384_10007.

     

    I wanted to confirm:

    1. If the AC-1900 is affected by these vulnerabilities (I assume it is)
    2. If so, when T-Mobile will be offering firmware upgrades

     

    A news article on this topic can be seen at: https://threatpost.com/asus-patches-root-command-execution-flaws-haunting-over-a-dozen-router-models/129666/

     

    Links to CVEs:

    NVD - CVE-2018-5999

    NVD - CVE-2018-6000

      All replies