@boecko how are you progressing with getting plain Openwrt working on the X2000, I see you have cherry picked the original commits from 5 months ago.
I was on the road with the motorhome on the weekend .. So i had no time 
@boecko I’m also interested, thank you for this topic! It’s suprising I’ve bought this device in 2025 with a software that’s already in EOL.
1 Like
It is safe to run. Please use it without worry. The firmware of X2000 will be maintained, keep safe updates and synchronize GL SDK function iterations and upgrades until EOL.
@boecko But doesn't the 4.8.2 beta have the updated version of openwrt? I would like to buy it taking advantage of Black Friday/Cyber Monday thanks
no .. it’s still THE OUTDATED 19.07 base
All the packages from their feed are outdated.
2 Likes
@bruce Is it safe if it contains outdated dependencies, with known vulnerabilities? It’s just not only about safety but running OpenWRT 19.xx also has compatibility issues with common apps.
1 Like
@boecko Thanks for the reply. But just to clarify, is there a technical reason why the OpenWrt version is out of date, or will it be updated sooner or later due it is actually quite unusual that a previous model to the GL-X2000 has a more updated version than its successor.
1 Like
It’s down to the Qualcomm SDK that GL-iNet have used for both the b3000 and the x2000.
GL would need to ask Qualcomm for a newer SDK to update the repositories in the stock firmware.
Add in OpenWrt: Updates close security holes in router operating system
There’s a heap buffer overflow on any device running any Openwrt derivative that is less than 24.10.4.
I’m still checking for GL to patch this on all devices.
1 Like
Just the 4.8.2-op24 version, if the firmware doesn't explicitly say -op24 it's NOT openwrt 24.10.x hope that helps 
If the b3000 is using the same SDK and base (which is looks like, on specs) then there is a current snapshot for the b3000 available to download:
Should then just need the relevant LTE modules installed and activated.
Happy to help anyone who wants to do this - note I dont have either of these models to test on.
1 Like
I know that.
I’ve made a fork of openwrt-snapshot and integrated the patches from TheRootED24 to it. See Plain OpenWRT on GL-X2000 - Hardware Questions and Recommendations - OpenWrt Forum for the discussion.
I have a build for the GL-X2000 which will obviously lack LTE-functions. I will try it out, when i have the time.
greetings
boecko
2 Likes
Since the QSDK of X2000 does not update the op version.
To clarify one more, taking the GL firmware of the router series as an example, the fact that the op version is old does not mean that it is dangerous, because we will release security update firmware in a timely and plan, and it will be merged the security patches.
So did you patch tmux in your repository? see https://www.cvedetails.com/cve/CVE-2020-27347/
1 Like
Is tmux included in the stock firmware? What business does tmux even have being installed on a router?
If it was installed, what external attack could you use to cause the buffer overflow?
Or are you suggesting it could be used in some hypothetical chained exploit? If it is part of a chain, what is your unpatched external entry point and why not raise that as the concern?
PS I don't even know why the plugins page is in the gl-inet webui. It should just be from luci. It is surely only for advanced users to install, remove or update any of the packages. Users should be warned it is for advanced users only. I am sure gl-inet assist with packages but for the most part they are surely just best effort support.
It's in the official GL.iNet package feed and so somehow part of the official firmware. And someone here posted this.
Although its op version is based on 19.07, the GL R&D team will merge some necessary security patches to ensure the safe running of the entire firmware and system operation.
Please use it without worry. The firmware of X2000 will be maintained, keep safe updates and synchronize GL SDK function iterations and upgrades until EOL.
I'm suggesting that the software base is just plain old and makes it very difficult to install current packages on the system.