Critical security update unavailable to mt-1300 beryl

I noticed a client access my network whoose MAC I do not recognize. Then I searched and despite updating firmware recently discovered : "Security Update

Please update to Ver. 4.5 to address critical security flaws in GL.iNet OpenWrt Router!" But ver 4.5 not available for mt-1300 beryl. If anyone can help or advise please do. Thanks

Hey :wave:

first advice: Stay calm.
It’s unlikely that the MAC you don’t recognize is related to the security flaws in any way.
Just make sure your router isn’t reachable by HTTP and HTTPs from the internet.

Unfortunately, there is no newer firmware version for the Beryl so far.
Maybe @hansome has some knowledge about the plans to release the newer version?

1 Like

Ok, I will not freak out, thanks for that. Since I am using the local router address and am not accessing it remotely, I think, but don’t know, it is not reachable by http or https. If you recommend the gli app I guess I could use that. And then wait to see if a firmware update comes I guess

Is it possible a device on your network as MAC address privacy enabled? This allows a device to connect to a wireless network with a spoofed / randomized MAC address to help prevent tracking.

Hi, yes that could be. Experimenting with a new setup.
I was surprised I had to search to discover, instead of being told by them and getting notification of a patch available, that GLI had a critical security problem. But I guess that is the norm for most business now.

Beryl firmware 4.3.10 has already addressed the CVEs, the same as Ver 4.5 Stable Release.
https://dl.gl-inet.com/release/router/stable/mt1300/4.3.10