VPNFilter malware




  • Official comment
    David (Edited )

    A single or common attack vector has not yet been determined by the researchers, but they believe the installation of the malware is using existing and well-known vulnerabilities in older routers.  Portal does not have the vulnerabilities currently identified for VPNFilter but we continue to monitor this.

    This malware attack serves as a good reminder to change your default admin password.  This can be done via the App or a web browser.

    The App can provide an additional level of security by requiring the phone paired with the Portal be used for Admin control (2-factor authentication).  To do this use the App to disable the WebGUI.


     Portal Support



  • Avatar
    Kanwar Fagoora (Edited )

    Also interested in finding out whether my Portal router is vulnerable, how to fix it (if possible), and whether a firmware update is is in the works.

  • Avatar
    Whit Norris (Edited )

    Question should be whether there is anyone left at Portal to verify this.  I do not mind these routers, but am very disappointed in the lack of updates.

    Edit:  I think my original entry may have created touch some nerves.  To answer properly a quick google search brought the following:


    "The known devices affected by VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link networking equipment in the small and home office (SOHO) space, as well at QNAP network-attached storage (NAS) devices. No other vendors, including Cisco, have been observed as infected by VPNFilter, but our research continues." 

    Portal will have vulnerabilities.  They have not updated the router or provided updates in close to a year.  There is no politicizing that eventually there will be security issues and someone will have to address.


  • Avatar
    Dave Coxe

    No.  The question is whether or not this router is vulnerable to this latest malware.  Please don't politicize my posts if you have nothing useful to add.


  • Avatar
    Barry Cannings

    If they do not wish to continue developement, maybe they could open source it, I'm sure DDWRT has a patch/fix for the VPN filter

  • Avatar


    Portal receives firmware updates on average about every 2-3 months.  The current release is 1.2.215 and was pushed out automatically on March 9, 2018. You can review the changelog history at https://support.portalwifi.com/hc/en-us/sections/206730987-Firmware-Release-Changelog

    If your Portal is not at release 1.2.215 please let us know and we will send an update manually to it.

    Best regards,


  • Avatar
    H T. II

    David ...

    I realize this may be covered in another thread buried somewhere. But what is the procedure necessary to move the app to a different device, a new Smartphone in this case, than the one my Portals were originally set up on so I can have access via the app on the new phone and can then turn off the web-GUI as it's unnecessary?

    Have two Portals in a mesh configuration ...

Please sign in to leave a comment.