u-boot_mod icon indicating copy to clipboard operation
u-boot_mod copied to clipboard
verified publisher icon pepe2k

LAN's MAC addresses leaking to the WAN interface

Open ec- opened this issue 7 years ago • 0 comments

On some models like TL-WDR4300 all 5 ports are configured to work as primitve switch before main firmware startup. So if you have both LAN and WAN interfaces configured to obtain IP addresses via DHCP - on very early stage LAN client may get direct WAN IP - which is VERY unsecure.

This is an explanaion why at least WAN port should be disabled https://github.com/pepe2k/u-boot_mod/blob/master/u-boot/board/ar7240/common/athrs17_phy.c#L136-L138

ec- avatar Nov 24 '18 19:11 ec-