Numerous unprotected TP-Link routers (with default username and passwords) at risk of remote hijack

Numerous TP-Link routers are accessible to a bug that can be used to take control of the device without physical contact.

The company took more than one year to publish the patches on its website.

The sensitivity of the routers allows any incompetent attacker to get full access to an affected router.

The complete utilization of the router relies on the default password to work.

In the worst conditions, any hijacker can aim vulnerable devices on an immense scale.

They could do so by hijacking routers and scouring the web with the use of default passwords like “admin” and “pass.”

In October 2017, the originator of U.K. cybersecurity firm Fidus Information Security, Andrew Mabbitt, found and reported this remote code execution bug to TP-Link.

In response, after a few TP-Link published a patch for the unsafe WR940N router, but TP-Link was informed about another WR740N router by Andrew Mabbitt in January 2018.

The reason found for WR740N router to be vulnerable to the same bug was that the company reused unsafe code within devices.

According to the company, both of the routers were was immediately repaired but the firmware for WR740N wasn’t available on their website when checked.


For a long while, Routers have been disreputable for security issues.

All the connected devices get affected if a single flaw is found in the router.

According to Andrew Mabbitt, any intruder could create chaos on a network by getting complete command over the router. Changing the settings on the router affects everyone who’s connected within the same network, for example, modifying the DNS settings to deceive users for stealing their login details by sending them to a fake page.

TP-Link refused to give information about how many vulnerable routers it had sold but stated that the WR740N had been stopped a year earlier in 2017.

When checked for exposed devices through two search engines, each proposed there are somewhere between 129,000 and 149,000 devices on the internet, although the vulnerable devices are likely to be far less in numbers. Brazil, Pakistan and Bulgaria are the three top countries with most affected devices.

Andrew Mabbitt stated that its the responsibility of TP-Link to alert buyers if thousands of devices are still unprotected, instead of waiting for the customers to contact the TP Link’s tech support.

Both the U.K. And the U.S. are ready to quickly require agencies to sell gadgets with specific default passwords to prevent botnets from hijacking net-linked devices at scale and using their combined internet bandwidth to knock websites offline.

Hundreds of vulnerable TP-Link routers at risk of hacking

Read next: ‘Almost everything connected to the internet is at risk’ – Reports reveal after a popular social media app came under attack

No comments:

Post a Comment