Hi, this morning I discovered that someone had made ~150 international phone calls from my TPG NBN Home Phone Account even though I don't even have a home phone handset connected. Digging a bit further I have since discovered that my TPG provided TP-Link Archer VR1600 v2 router has a gigantic security hole as they all have a hard-coded Super User that allows anyone to login to them remotely (provided remote Web Access is enabled, which I needed). After about 2 seconds of googling I soon found the Super User username & pwd and sure enough, I could remotely login and have full control of the router settings & passwords, including access to all of the Telephony settings. I'm not sure yet, but I'm guessing this is how the international phone calls were made on my account. I tried to change the password for this Super User, however it does not seem to change it as I could still login using the usual Super User password. I have now switched back to my old router as I don't trust this TP-Link thing anymore. TPG, what are you going to do about this MASSIVE security vulnerability that I'm guessing affects a large number of your users?
... View more
I've been having exactly the same issue with this unbelievably rubbish tplink archer v2 router that tpg supplied me with when I switched over to nbn. TPG have handballed it to NBN each time I have called (twice), who in turn sent out some "technicians" (pretty sure they were just electricians) who replaced the nbn modem and jiggled some connections. All failed to fix it. After today's failed attempt by nbn to fix it, I decided to get rid of the crappy tpg supplied tplink router and use my old Asus rt-n56u router. It's been up for about 5 hours now without a single dropout, so fingers crossed. Tpg, you really need to do more diagnostics/tests/whatever on your supplied routers when your customers call with problems, before simply handballing it to nbn. Very amateur.
... View more