ronstudio

I have searched around the background on this and found this:
https://www.snbforums.com/thread ... ems-with-384.45692/

As quoted from Merlin himself:

1. The issue is most likely tied to a security issue with the web server. Exposing it to the WAN could allow an attacker to take control of the router. The issue was fixed in some devices in 384.4, and fixed for the rest of them in 384.4_2.
   
2. 
   
3. Ultimately, people should not open the webui to the WAN interface.

複製代碼

For me personally, my router wouldn't open any unnecessary service to public internet.

Fanolian

無開remote access 應該安全掛？

ronstudio

回覆 12# Fanolian

If you need remote access, you should use the higher security one with the key to login , instead of simple username/password. Also disable all the WebUI access to external public Internet.

All those services should be available for Intranet AFTER you have successfully login via ssh/vpn key.

yycat

ac58u 用緊官方firmware 無事

siusiupin

所有Asus Router都會被Hack？
定還是有VPN功能的Router先會被Hack？

TH30

Ultimately, people should not open the webui to the WAN interface.
ronstudio 發表於 2018-3-28 10:34 PM

請問邊個位置可設定停web ui？

C-Leung

近排我部ac56u merlin間唔中都開機上唔到網，login入去會去咗精靈mode(wizard)，但skip咗又冇事，都唔知關唔關事

不過早兩日已經up咗firmware，暫時冇再發生類似事件，再觀察

hkbestbuy

近排我部ac56u merlin間唔中都開機上唔到網，login入去會去咗精靈mode(wizard)，但skip咗又冇事，都唔知關 ...
C-Leung 發表於 2018-3-28 23:49

    其中有几個客又出現同你一樣情況，無故跳去setup wizard.上唔到網。升級firmware後正常返。

fatdog

好彩有 firewall 隔住，check 左冇事，多謝匯報
RT-AC1200G+
3.0.0.4.382_18991-gc0b6a33

lkca

發生左幾星期, 通常變韓文gui, login 唔到, ddns被登記, vpn server被開

merlin同原廠3月前firmware 應該都會中

n66u firmware有update
Version 3.0.0.4.380.8228
2018/03/28

其他model未update

via HKEPC