Feb 2, 2012
Firmware is 1.52.0. Model is WRT54GS.I'm configured with WPA2-PSK/AES. Broadcasting my SSID. No MAC access filtering.HTTPS access only to the config pages. Custom (not default) password. Remote management disabled.
View 9 Replies
Summary:The router simply "forgot" its assigned SSID and reverted to broadcasting as "linksys".It also ceased encrypting its broadcast.I was able to log in and change it back. It retained many of the OTHER settings I had previously configured.
Details:Two days ago, I noticed my client (laptop) could no longer see the usual SSID that I connect to on my home network.However, there was a new SSID in the area, named "linksys", broadcasting UNSECURED.Coincidentally, this new "linksys" access point had the exact same signal strength that my usual access point typically had.So, I connected to it, you know, just to see.I was only able to access the config pages at my custom IP address (not at x.y.0.1), prefixed with the "https://" scheme identifier.And it didn't prompt for a password. Hopefully because it recognized the cookie my browser still carried from the last time I logged in to it. But maybe because it had temporarily dropped ALL of its security measures...It was definitely my router. Just, stripped of its usual encryption/authentication and its usual SSID.So, I switched the SSID back to what it usually is.And I turned the WPA2-PSK/AES encryption back on.The router "remembered" my WPA2 passphrase, which it displayed to me as plaintext when I pulled down the "security mode" dropdown menu and selected "WPA2 Personal".After re-configuring, it works as well as ever.Is this a known security flaw in the WRT45GS? Because....it seems like a fatal one, as far as network security is concerned.Is it limited to one firmware release?