Wednesday, May 3rd 2023

CISA Warns About Mirai Botnet Exploit on Some TP-Link Routers

Owners of TP-Link routers ought to heed a warning from the US government's Cybersecurity and Infrastructure Security Agency (CISA), as at least one router model from the company is vulnerable to known exploits. The exploit is actively targeted by Mirai botnet operators and it allows for injection of commands that could allow them to take over the routers via remote code execution (RCE) software. The router from TP-Link that is known to be vulnerable to the exploits is the Archer AX-21, a fairly recent entry level AX1800 Wi-Fi 6 model that is sold globally by the company.

The specific exploit for the Archer AX-21 is tracked as CVE-2023-1389 and is affecting all Archer AX-21 routers with a firmware version older than 1.1.4 2023019, as it's said to address the vulnerabilities. Users who have linked their router to a TP-Link cloud account and allow for automatic updates should already have had their router firmware automatically updated, but everyone else should update their router firmware as soon as possible. There have already been reports of the exploit being actively used by the Mirai botnet to take over routers in Eastern Europe as of the middle of last month, but further parts of the world aren't spared from attacks either by now. Routers might often be devices that are forgotten in a corner somewhere, but it's important to keep the firmware up to date, especially as they are increasingly becoming the target of hackers.
Sources: CISA, The Register
Add your own comment

11 Comments on CISA Warns About Mirai Botnet Exploit on Some TP-Link Routers

#1
bonehead123
Ah ha, the Toilet Paper guys massively fail AGAIN, hehehe :)
Posted on Reply
#2
Verpal
Mirai botnet? Its still online? How many years has it been?
Posted on Reply
#3
TheLostSwede
News Editor
VerpalMirai botnet? Its still online? How many years has it been?
Apparently. Coming up on seven years it seems.
Posted on Reply
#4
zmeul
tough luck, I switched my parents' TP-Link to OpenWRT
Posted on Reply
#5
TheLostSwede
News Editor
zmeultough luck, I switched my parents' TP-Link to OpenWRT
Yeah, I have a couple of older TP-Link devices on OpenWRT as well.
In fact, the range extender died on the TP-Link firmware, but has worked another 2-3 years on OpenWRT...
I wouldn't recommend anyone using TP-Link hardware that faces the internet, as this is far from the first time they've had major security holes in their products.
They also don't provide firmware updates for more than a year until they switch to a new hardware revision and wishes their customers good luck.
Posted on Reply
#6
AsRock
TPU addict
Users who have linked their router to a TP-Link cloud account and allow for automatic updates
yeah that sounds like a great feature haha.

Stopped buying \ using TP Link products a long time ago.
Posted on Reply
#7
bonehead123
TheLostSwedeI wouldn't recommend anyone using TP-Link hardware that faces the internet, as this is far from the first time they've had major security holes in their products.
They also don't provide firmware updates for more than a year until they switch to a new hardware revision and wishes their customers good luck
hence my comment above :D
Posted on Reply
#8
Jism
But this only applies, when the router is directly connected to the WAN / Internet right? And not another model/router combi in between.
Posted on Reply
#9
Makaveli
bonehead123Ah ha, the Toilet Paper guys massively fail AGAIN, hehehe :)
I agree a pretty shi**y situation for them.
Posted on Reply
#10
Minus Infinity
Stopped looking at TP_link as an option after they were found leaking information to a third party last year. Trust them as much as Huawei. But I didn't know they can run OpenWRT.
Posted on Reply
#11
Rouxenator
So only the AX-21 then? That is one model. I run a mix of Asus, Toilet Paper Link and Totolink, the trick is to keep them up to date.

Despite being a 7 year old DSL/fibre router the Asus still got a security update recently.
Posted on Reply
Add your own comment
Dec 21st, 2024 08:03 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts