Router Security: TP-Link Issues Patch to Fix Code Execution Vulnerability in Old Routers
Router manufacturer TP-Link recently released a security patch that fixes a vulnerability in one of its discontinued router product lines.
The vulnerability fixed by the patch allows external parties to remotely execute malicious code on TP-Link's WR841N V8 router. It was discovered by researchers at the security firm Senrio, which worked closely with TP-Link on the patch.
During their research into the TP-Link WR841N router, Senrio's researchers found a logic flaw in the device's configuration service that let them bypass its access controls and reset the router's credentials. With that increased access, they then exploited a stack overflow vulnerability through the same configuration service to gain code execution.
The researchers exploited the router's vulnerability through a proximity-based attack, which they carried out using a smartphone's hotspot capability. Once they had reset the router's credentials, they were able to execute malicious code.
Current models of TP-Link routers do not have these vulnerabilities because their updated firmware prevents the exploit, but older router models from the company remain at risk. The manufacturer therefore decided to release a firmware update that should safeguard old, at-risk routers from possible exploitation.
While Senrio lauded the company's move to protect its users, the firm warned that a large number of router owners are still not updating their devices with the latest patch.
It is not uncommon for hackers to take advantage of devices that have security flaws and are not running the latest patches. In fact, a recent leak published by WikiLeaks containing alleged Central Intelligence Agency (CIA) documents revealed that the government agency had designed hacking programs that compromised internet routers for the purpose of monitoring the online activity of the agency's targets.