Deco E4 wps ,wpa showing when disabled

Deco E4 wps ,wpa showing when disabled

Deco E4 wps ,wpa showing when disabled
Deco E4 wps ,wpa showing when disabled
2024-08-03 07:12:37
Model: Deco E4  
Hardware Version: V3
Firmware Version: 1.0.3 Build 20240102 Rel. 62454

I have my Deco mesh units 1 main and 2 slave  units (E4R,E4S) setup as WPA2 only but when I run a security scan they show as WPA with wps enabled. The security is very poor and is cracked within 20 seconds. 

What can I do about it? There are no settings to completely disable WPS. Why is wpa showing when the settings are set to WPA2?

I have tried to upgrade to the newest firmware on the  units and it's made no difference. 

 

How can TP- Link sell a device so security flawed?

  0      
  0      
#1
Options
4 Reply
Re:Deco E4 wps ,wpa showing when disabled
2024-08-05 03:37:45

  @DecoMatt 

Hi, Thank you very much for the feedback.

Can I have a screenshot of the "Security Scan" on the Deco APP?

Since there is no hardware switch for the WPS, the software WPS feature is enabled by default but it is not activated unless users press the software button on the Deco APP.

 

Wait for your reply and best regards.

  0  
  0  
#2
Options
Re:Deco E4 wps ,wpa showing when disabled
2024-08-05 23:33:07

  @David-TP 

I'm using wifite(aircrack-ng) to check the security of my Deco mesh wifi network. As you can see the wps is showing active when I have not activated it. It was also crack in 4 seconds as the program uses pixiewps and allocates 5 minutes to crack the wps pin. Which you can see at the bottom of the image.

If wps is not on unless activated in the Deco app how can the program see it? How can the program crack it?

  1  
  1  
#3
Options
Re:Deco E4 wps ,wpa showing when disabled
2024-08-06 02:03:17

  @DecoMatt 

Hi, Thank you very much for the update.

I'd like to escalate your case to the senior engineer directly for further assistance.

Please check whether you could receive my email.

Best regards.

  0  
  0  
#4
Options
Re:Deco E4 wps ,wpa showing when disabled
2024-10-07 13:22:58 - last edited 2024-10-07 13:29:45

  @David-TP 

 

Hi, David.  While WPS might not be 'enabled' until a software button is pressed in the app, it most certainly is advertising WPS during network scans. This is preventing my Volvo from finding the network because the automaker prevents the car from joining any WPS ebabled network. My network doesn't even appear on a list of wifi networks available.

 

From the Volvo manual:  

 

These are the identified requirements for making the Wi-Fi access points available for use:

  • WPA2 with password (CCMP).
    • A password is required.
  • Not allowed/possible:
    • Network without encryption (open network).
    • WPA3.
    • WEP.
    • WPA (with TKIP).
    • WPS (Wi-Fi Protected Setup) enabled routers. Also possible with a WPA2 connection (most home routers are WPS enabled). If your home router has WPS functionality enabled, it will not be available due to limited security when managing WPS access. To connect to a WPA2 network with WPS, disable WPS on the router.

 

To my knowledge, it's impossible to fully disable WPS (and its advertising) in the app. Please report back when you find a solution or anticipate an update.  Thank you.  

 

 

  0  
  0  
#5
Options