AC-1900 Router: Patch Available for Security Vulnerability?

magentaco

    Hi T-Mobile!

     

    I have a T-Mobile AC-1900 router with Firmware Version:3.0.0.4.376_3181.

     

    Security researches identified 2 vulnerabilities (CVE-2018-5999 and CVE-2018-6000) which, when combined, allow for Remote Code Execution from within the LAN network. Essentially, anyone on your local network (even on a separated guest network) can do anything they want to the affected ASUS routers, including RT-AC86U routers with Firmware versions below 3.0.0.4.384_10007.

     

    I wanted to confirm:

    1. If the AC-1900 is affected by these vulnerabilities (I assume it is)
    2. If so, when T-Mobile will be offering firmware upgrades

     

    A news article on this topic can be seen at: https://threatpost.com/asus-patches-root-command-execution-flaws-haunting-over-a-dozen-router-models/129666/

     

    Links to CVEs:

    NVD - CVE-2018-5999

    NVD - CVE-2018-6000

      All replies

      • dragon1562

        T-mobile is not the one that creates the updates. It would be Asus I believe. The router itself is pretty old thus I would not get my hopes up for anything speedy. However, this is just a educated guess based on experiences I have had in the past.

        1 of 1 people found this helpful
        • tmo_amanda

          Hey, magentaco!

           

          Welcome to our Support Community! This was a hot topic a few months ago around here and I think you may find some helpful information in the mega post here:TM-AC1900 and KRACK WiFi vulnerability that answers both of your questions. It also has a few user recommended work-arounds.

          1 of 1 people found this helpful
            • magentaco

              Hi @tmo_amanda!

               

              I appreciate the response. Unfortunately, this is a *totally different vulnerability,* and arguably much more serious. Also, unlike last time, there is no indication from ASUS that it does not affect the AC-1900; it almost definitely does since ASUS has noted it affects the RT-AC86U.

               

              I suppose the only answer might be to flash the firmware in this case, but I was hoping there might be some other response.

              1 of 1 people found this helpful
            • magentaco

              For anyone who stumbles across this, I wanted to highlight that this is once again a totally separate issue from the "KRACK" attack, and unlike KRACK, this router is definitely vulnerable.

               

              I have flashed my router to using ASUS standard firmware so I can now update to the latest patches ASUS releases for their usual product line and I am now safe from the above vulnerabilities.

               

              Anyone who has NOT flashed their device, I would strongly recommend you do. And if you can't (or can't replace the router), at the very least I would recommend turning off any guest network / passwordless access to any part of your network, as an attacker can attack from anywhere that has access to your router.

               

              Good luck!

              1 of 1 people found this helpful