loader gif

Thousands of vulnerable TP-Link routers at risk of remote hijack

Thousands of vulnerable TP-Link routers at risk of remote hijack (Malware and Vulnerabilities)

Thousands of TP-Link routers are vulnerable to a bug that can be used to remotely take control the device, but it took over a year for the company to publish the patches on its website. The vulnerability allows any low-skilled attacker to remotely gain full access to an affected router. In the worst case scnario, an attacker could target vulnerable devices on a massive scale, using similar mechanism to how botnets like Mirai worked — by scouring the web and hijacking routers using default passwords like “admin” and “pass”. TP-Link released a patch a few weeks later for the vulnerable WR940N router, but Mabbitt warned TP-Link again in January 2018 that another router, TP-Link’s WR740N, was also vulnerable to the same bug because the company reused vulnerable code between devices. TP-Link said the vulnerability was quickly patched in both routers. When we checked two search engines for exposed devices and databases, Shodan and Binary Edge, each suggested there are anywhere between 129,000 and 149,000 devices on the internet — though the number of vulnerable devices is likely far lower.

loader gif