upvote
That would be “gray hat”. It would be illegal, though it has happened in the past and to my knowledge no one has yet been prosecuted for illegally fixing vulnerabilities.

But it’s definitely not white hat.

reply
Someone did, a Russian dude (or at least Russian speaking) updated over a 100.000 Mikrotik routers. While he did get a few "Thank you" notes, some users was also pretty angry with him.

https://www.zdnet.com/article/a-mysterious-grey-hat-is-patch...

reply
Probably simpler to brick them, forcing the owners to upgrade to a modern and supported device.
reply
Just flash OpenWRT to them? :) (a script could prepare a matching default config)
reply
The MR2600 is a rebranded (or same ODM) D Link DIR-882 with a different plastic case, but the MR doesn't come with a rear USB 2.0 port. The FCC photos for each are identical otherwise, right down to the silkscreened board revision.

There's already an OpenWRT image for the DLink model, so coming up with an entry for the Motorola version shouldn't be hard.

reply
Isn't just as illegal as exploiting them for nefarious purposes? That's a pretty big risk to take to help a few dozen strangers on the Internet. What happens if your fix has an unforeseen interaction with some configuration on a remote system and your actions cause outage or worse?
reply