Any idea why this fully updated AP router type would need telnet enabled LAN side? No way to disable that protocol in the settings sends login credentials in the clear. For a modern router to not even promote SSH, sigh. Looking for a more privacy focused basic AP without built in holes. Any recommendations? I discovered when I was doing a network scan at home to find weaknesses. Wasn't expecting that.

Nighthawk AX5 RAX30  

Firmware Version V1.0.13.102_2

I was going to try to block by firewall, but still researching how to block for devices that connect directly to AP although DHCP server is via the pfSense firewall. When running traceroute, seems to go to AP rather than hopping through firewall, which then the firewall would then block. AP is inside firewall on internal side. Not detecting any way to turn off Telnet or unsecure HTTP login for this device in settings while in AP mode. Would like to force HTTPS login.

I'm going to research on vendor website this week to see if this model is still getting firmware updates.