
4 Year Old WPS Security Flaw Still Affecting TalkTalk UK ISP Router UPDATE

Wednesday, May 23rd, 2018 (7:49 am) - Score 3,821

One of the older D-Link based ADSL2+ broadband routers from UK ISP TalkTalk has been found to still be vulnerable to a security exploit, which was first notified to the provider all the way back in 2014. This enables a hacker to gain access to your wireless (WiFi) network by sniffing out the WPS password.

According to a new security advisory from IndigoFuzz (bonus credits to The Register for spotting), the Wi-Fi Protected Setup (WPS) feature on the D-Link (RT2860 chipset) router is insecure and always-on (even if the WPS pairing button is not used).

As a result all it takes is for somebody within range of the wireless signal to use a common hacking tool in order to automatically probe the network and uncover its password, which all happens in the space of a few seconds.
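As an added example (not from IndigoFuzz, TalkTalk or the original article): a defender's check of whether an access point still advertises WPS, done by parsing the WPS information element from a beacon's tagged parameters. The beacon bytes are constructed sample data and the function names are illustrative.

```python
import struct

WPS_OUI_TYPE = bytes.fromhex("0050f204")  # vendor IE: OUI 00:50:F2, type 4 = WPS
ATTR_WPS_STATE = 0x1044         # 1 = not configured, 2 = configured
ATTR_AP_SETUP_LOCKED = 0x1057   # 1 = AP has locked its PIN (external registrar) setup

def ie(eid, body):
    """Build one 802.11 information element (used for the sample data)."""
    return bytes([eid, len(body)]) + body

def attr(atype, value):
    """Build one WPS attribute: 2-byte type, 2-byte length, value."""
    return struct.pack(">HH", atype, len(value)) + value

def iter_ies(tagged):
    """Yield (element_id, body) pairs; stop cleanly on a truncated element."""
    pos = 0
    while pos + 2 <= len(tagged):
        eid, length = tagged[pos], tagged[pos + 1]
        body = tagged[pos + 2:pos + 2 + length]
        if len(body) < length:
            return
        yield eid, body
        pos += 2 + length

def wps_status(tagged):
    """Report what the beacon advertises about WPS."""
    for eid, body in iter_ies(tagged):
        if eid != 0xDD or body[:4] != WPS_OUI_TYPE:
            continue
        attrs, pos = {}, 4
        while pos + 4 <= len(body):
            atype, alen = struct.unpack_from(">HH", body, pos)
            attrs[atype] = body[pos + 4:pos + 4 + alen]
            pos += 4 + alen
        state = attrs.get(ATTR_WPS_STATE)
        locked = attrs.get(ATTR_AP_SETUP_LOCKED)
        return {"advertised": True,
                "state": state[0] if state else None,
                "locked": bool(locked) and locked[0] == 1}
    return {"advertised": False, "state": None, "locked": False}

# Constructed sample beacons (tagged parameters only), not captured from any real router.
SSID = ie(0x00, b"ExampleAP")
WPS_ON = SSID + ie(0xDD, WPS_OUI_TYPE + attr(0x104A, b"\x10") + attr(ATTR_WPS_STATE, b"\x02"))
WPS_LOCKED = SSID + ie(0xDD, WPS_OUI_TYPE + attr(ATTR_WPS_STATE, b"\x02")
                       + attr(ATTR_AP_SETUP_LOCKED, b"\x01"))
WPS_ABSENT = SSID + ie(0xDD, bytes.fromhex("0050f202") + b"\x01\x01")  # WMM IE, not WPS

if __name__ == "__main__":
    for name, beacon in [("on", WPS_ON), ("locked", WPS_LOCKED), ("absent", WPS_ABSENT)]:
        print(name, wps_status(beacon))
```

If a router's beacon still reports `advertised: True` after WPS has supposedly been switched off in its settings, the feature is still being announced to every device in range.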

IndigoFuzz Statement

This method has proven successful on multiple TalkTalk Super Routers belonging to consenting parties which is enough to suggest that this vulnerability affects all TalkTalk Super Routers of this particular model/version.

TalkTalk have been notified of this vulnerability in the past and have failed to patch it many years later. It is also documented across various community forums. Links:

Contrary to the above statement we do not believe that the aforementioned router is one of TalkTalk’s more modern VDSL2 equipped “Super Routers”, as this term tends to only be used when referencing their Huawei HG633, HG635 or the D-Link 3782 device (the latter was released in 2017). At present it is not known how many of their customers still use the older RT2860 based D-Link kit (the model number isn’t stated).

Admittedly back in 2014 TalkTalk’s approach to security was somewhat more lax than it is today and things didn’t really improve until after the 2015 cyber-attack on their website, which sent their reputation and customer base into free fall for a while.

One small upside to this case is that their older router didn’t deliver a particularly good WiFi signal in the first place and as a result the hacker would have needed to be practically inside your house in order to gain a stable connection. At the time of writing TalkTalk has not provided a comment but we will update once they do.

UPDATE 4:58pm

After a long wait TalkTalk has issued the following statement.

A TalkTalk Spokesperson told ISPreview.co.uk:

“We’re aware of the reported issue affecting some older routers that means in some rare circumstances, a third party could potentially access the gateway’s wireless network password. We work closely with equipment suppliers to ensure that models that may be vulnerable are patched as part of a routine update and maintenance programme.”

By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, Facebook and Linkedin.
5 Responses
  1. EDDIE Miller

    Talk talk are the worst company I have ever dealt with, super fiver is a joke, I was getting faster speeds with my previous provider on normal broadband and despite repeated emails they keep sending the same bumf, i.e. check your filter check your devices, reset your router etc, these are always the first things anyone with broadband does, not once have I been able to talk to an actual person despite request respected every week, I once copied and pasted different speed test results by email and got sent the standard check your filter nonsense, I wouldn’t recommend anyone signs up with them AT ALL TERRIBLE CUSTOMER SERVICE YERRIBLE SPEEDS YERRIBLE EVERYTHING.

  2. Alan

    YERRIBLE POST 😀

  3. Steve

    I love the update they’ve given. Talk about cookie cutter stock statements. Work closely with… patch… routine. Yes, but not for 4 years. So not patched, not working closely with and not routine at all really then?

  4. Stuart

    The model in question is a 3780.
    I think the router default username and password is ‘admin’
    Which makes gaining access to the admin control panel real easy for an outsider.
    Can’t recall if you can setup DNS on this router but that would spell disaster for anyone that did get hacked.
    I wish all the telcos would stop including WPS enabled by default, it’s such a weak link. Along with UPnP.

  5. Meena Yabbot

    It’s October 2018 now, nearly the end of this year.
    And to everyone’s great surprise, this exploit is still out there in the wild.

    It is related to the default password and worse yet:
    The login panel itself is vulnerable to both Wireshark and Clickjacking.

    I personally am nearing the end of a nightmare subscription on the lowest package they have available. I will be striking back by waiting to the end of my subscription, and taking them to a small claims court.

    I suggest everyone else does the same, as it’s almost impossible to fail with the wealth of evidence we can accrue against them – and anyone who has used this service will understand: You’ll still be salty about the service you were put through even if it all gets refunded.
