The Indian Computer Emergency Response Team (CERT-In) has issued an urgent advisory related to the critical security flaw which was discovered in the TP-Link routers. This brand is widely used across the country for internet infrastructure and CERT-In, which is known for its quick identification of security flaws in popular software and devices from companies like Google, Apple, Microsoft and Mozilla, has highlighted several severe threats that might not be immediately obvious to many users.
TP-Link routers are presently used to connect multiple devices like smartphones, laptops, and tablets to the internet via wireless networks, and at present it is at the centre of this concern. These routers act as intermediaries between users and their internet service providers- that enables a seamless internet access without the need for physical cables.
The vulnerability
As per CERT-In, the vulnerability will identify the TP-Link routers which might allow the remote attackers to execute unauthorized code- giving them the elevated privilege on the affected system. At present, this flaw in TP-Link Archer models preceding version C5400X(EU)_V1_1.1.7 Build 20240510 has the rising issue from improper neutralization of special elements within a binary file called "rf test," which is exposed a network service for unauthenticated command injection.
CERT-In has explained that if this flaw is exploited, remote attackers will be able to execute commands with heightened access rights on the affected system without requiring the authentication.
Protective measures
To address the critical concern, CERT-In advises immediate patching of TP-Link software and have urged the users to adopt several proactive measures which would help in enhancing the security of their Wi-Fi networks and protect against potential threats.
-
Regular firmware updates: Make sure that the router firmware is regularly updated to incorporate the latest security patches which are released by the manufacturers. Regular updates will help to close security gaps and improve overall device performance.
-
Change default credentials: Modify default login credentials to prevent exploitation using commonly known passwords and usernames. This step is important as default credentials are often easy targets for attackers.
-
Enable strong encryption: Use WPA3 or WPA2 encryption to protect data transmissions from being intercepted. Strong encryption standards make it significantly harder for unauthorized parties to access your network.
-
Disable remote management: Turn off the remote management features which will help to reduce the risk of unauthorized access to router settings from the internet. This will disable this feature and add an extra layer of security by limiting access to the router's configuration settings to local users only.
By implementing these measures, users can significantly mitigate the risks associated with this vulnerability and secure their networks against potential cyberattacks. Staying vigilant and proactive about router security is essential in the current digital age, where cyber threats are constantly evolving.
ALSO READ: Truecaller unveils world's first AI call scanner for scam detection
