3 Replies Latest reply: Mar 23, 2015 2:55 AM by howielxix RSS

    Why is T-Mobile actively shipping insecure and vulnerable routers to it's customers?

      I got the TM-AC1900 router which was shipped at firmware 3.0.0.4.376_2827. This router has the following bugs and vulnerabilities listed below and have been fixed in firmware 3.0.0.4.378.4585. However T-Mobile is

      1) NOT releasing the latest firmware release to it's end customers

      2) NOT appearing to communicate effectively with it's customers regarding this lack of firmware updates (looking at this thread, "assuming answers" that make no sense).


      So, who is liable for T-Mobile knowingly distributing these routers and not supporting their security updates? When can be expect every issue below to be resolve for such T-Mobile customers?


      -------[ Details ] ----------


      Security related
      - Upgrade OpenSSL library to 1.0.0q
      - Fixed CVE-201301813
      - Fixed the XSS vulnerability on page Main_Analysis_Content.asp
      -Fixed infosvr security issue.
      -Fixed Cross-site request forgery security issue

      - Fixed CSRF issue.
      - Upgraded Openssl library to 1.0.0.o
      - Removed FTP link in Network map

      - Upgraded OpenSSL library to 1.0.0n
      - Added SSH daemon in administration -> system

       

      Bug fixes
      - Fixed DPI engine initiation issue.
      - Updated AiCloud related string.
      - Updated QIS string.

      - Fixed dual wan fails over mode switch back issue.
      - Fixed VPN server related issues.
      - Fixed static IP setting issue in AP mode.
      - Fixed download master cannot be uninstalled in FAT16 and FAT32 format.
      - Fixed Wake on LAN UI issue.
      - Fixed Firefox compatibility issue.
      - Fixed IPv6 related issues.
      - Fixed IGMP related issues.
      - Fixed media server related issues.
      - Fixed UI issue when setting the repeater mode or AP mode in QIS.
      - Fixed HUAWEI E180, E261, E1750, E1780, EC122, EC1260, EC1261, EC150, EC167, ET128, compatibility issue.
      - Fixed ZTE MU251, T A356, AC580, AC590 compatibility issue.
      - Fixed BandLuxe C170 compatibility issue.
      - Fixed HTC M8 USB tethering compatibility issue.

      - Fixed NAT loopback issue.
      - Fixed samba issue when plugging two USB drives.
      - Fixed the NTP sync issue in AP mode.
      - Fixed user interface issues for IPTV, Media bridge mode, VPN server.

      - Supported Huawei E161, E3131, E171

      - Supported ZTE MF880, MF823, MF821D

      - Supported Royaltek Q110

       

      AiProtection fixes

      - Fixed router reboot issue when disabled AiProtection

      - Fixed kernel panic when wan reconnected

      - Modified web history strings

      - Updated signature to 1.030

      - Optimize memory usage


      New features
      - Added AiProtection with triple-strength total network security, plus robust parental controls and privacy protection
      - Added Adaptive QoS. Applications and tasks can be prioritized easily using drag-and-drop presets for gaming, media streaming, VoIP, web browsing and file transfers.

      - Added Movistar profile in IPTV setting page
      - Added AiProtection with triple-strength total network security, plus robust parental controls and privacy protection
      - Added Adaptive QoS. Applications and tasks can be prioritized easily using drag-and-drop presets for gaming, media streaming, VoIP, web browsing and file transfers.