Critical Vulnerability in TP-Link Wi-Fi Extenders
Let’s be honest, keeping all the devices in your business (let alone your personal life) updated is an arduous task. As we continue to discover though, it is just one of life’s necessary evils. Security researchers are now reporting that a variety of TP-Link’s popular Wi-Fi range extenders are vulnerable to remote code execution and control, requiring immediate updates to patch the vulnerability.
The affected models, along with updated firmware and support directly from TP-Link, can be found below:
Though we recommend mesh networks, the use of Wi-Fi range extenders is widespread due to their low cost and relative ease of deployment. Many business and home users will add several to their network in an effort to improve Wi-Fi coverage.
Vulnerabilities in networking equipment is something we have covered in the past and we continue to recommend the following to secure your networks:
- Set a strong administrator password – Most routers ship with a default password of “admin” that should be changed immediately. Choose a memorable but secure password that incorporates symbols, numbers, and a mix of upper and lower-case letters.
- Update your router’s firmware – The firmware is the operating system of the router and will be the primary way manufacturers deploy more permanent solutions to security issues. Here is a great guide that covers most router manufacturers.
- Disable remote management – Most routers will not ship with this enabled, but keeping it disabled is the most secure option. If you have a business case that requires monitoring your network remotely, be sure to use complex usernames and passwords.
EVAN is more than just a great source of technology information; we have Master Certified Professionals waiting to meet your IT needs right now.