I have an Archer vr1600v2 (firmware 0.1.0 0.9.1 v5006.0 Build 190228 Rel.72265n) router supplied by TPG when I first installed HFC NBN.
I changed the su password on setup and locked TPG out of the device, so that I could reconfig the VOIP settings etc.
Now that I am moving to More NBN, should I flash the device with the latest TP Link/OEM firmware, or just leave as-is and apply my More credentials?
Thanks.
If you do not care if it works or not on the new RSP then leave it as it is. If you do care then upgrade it.
If you want to leave it with potential security holes in it then leave it as it is, but if you want to ensure that it has all the security fixes it can have then upgrade it.
absolutely leave it as it is, the updates to firmware were made at the request of ISP's to hide menus and prevent super user access they were not about security fixes
Hi iRishness,
I have just been reading your posts over at marcelvarallo…
So I should not flash my current 0.1.0 0.9.1 v5006.0 Build 190228 Rel.72265 firmware with the Archer_VR1600vV2_0.1.0_0.9.1_up_boot(200304)_2020-03-05_16.44.11 you posted there because I may lose functionality & I will lose su access
Btw, where did you source your firmware???
Also, I have su access under my current firmware, because when the su password was leaked on the internet, and I immediately disabled CWMP.
- Can I change the su password, from that which was publicly leaked? I think not, as its baked into the firmware?
- Is su access only available on the lan ports, not the wan port? Otherwise every VR1600v with that firmware is at risk?
stick with the firmware you have purely as it is more functional than the one posted on marcelvarallo, it was an option for those who had their firmware flashed by their ISP and lost su access or didn't have it to begin with (it was sourced from a NZ ISP). Depending on which VR1600 you have most have the capability to change the su password however in later versions only the embedded su password would work. I think all VR1600's are vulnerable and should have cwmp disabled or the su password changed, you will also find things in the log files in relation to the device receiving VOIP calls which while TP Link says is normal system behaviour I find very suspect and no reliable explanation for.
It's always good to have the latest version of the firmware installed, as a security precaution.