The warning I referred to is different to WK_schnarfl’s: there is nothing about ISPs in mine.
Here is what Avast tells me:
Description
A service on this device has a weak or default password. This is very dangerous situation, because factory-default usernames and passwords are often used by hackers and cybercriminals.
Catalogue ID HNS-WEAK-PASS
Username:
●●●●●●●●admin
Password:
●●●●●●●●admin
Details
Risks
Attackers can access and control a service on this device.
Solutions
Change the access password for this service.
I believe this is a false warning (i.e. a bug) rather than a “false positive” as such, since the admin/admin combo does not log in to my router. It did originally when I first bought it, but I have since changed my login and password. I have just tested admin/admin again, and as expected it does not work. Thus it is a mystery why Avast thinks that there is a weak password here.
first, i’ve always had strong passwords for both admin and wifi
security warning was driving me crazy so i’ve spent hours looking for some answers, done a factory reset, updated my firmware btw, set all new passwords for admin and for wifi, new SSIDs etc, double checked all my settings etc
everything is perfect
avast still says my pass is admin admin. shut up avast, you’re drunk.
This is the service with a weak password from the warning.
FTP Server has it’s own separate user authentication and it’s own admin, that you’ve probably never gave a proper password.
If you use this ftp server, set a new password here. If not, just disable entire thing.
And done, everything is secure and avast is happy.
That fixed it for me, too. I agree that Avast’s warning is deceptive (it should mention the FTP server username/password), but at least it picked up a potential security problem for which I am grateful.
Out of interest, what could a hacker access if they had your IP address and managed to log into the FTP server of a TP-Link router using admin/admin? The FTP settings are under the heading “USB Settings”. Does this mean that a hacker could nab any data on a connected USB hard disk?