The government is warning of a vulnerability in Wi-Fi routers that could allow a hacker to access connected devices

India’s Computer Emergency Response Team (CERT-In) was quick to report flaws in the most commonly used software and devices such as Apple products, Windows products and software, Google Chrome and Mozilla, among others. Today, however, a government organization has flagged a problem that is not only critical, but can be easily ignored. A security vulnerability has been discovered in TP-Link routers. According to CERT-In, the vulnerability could allow a logged-in remote attacker to run unauthorized code with high-level access to the affected system.

TP-Link is one of the most popular Wi-Fi routers in India. A Wi-Fi router is a device that connects to your Internet provider and creates a wireless network in your home or office. Thanks to this, your devices such as smartphones, laptops and tablets will be able to connect to the Internet without using cables.

read more

“A vulnerability has been reported in TP-Link routers that could be exploited by a remotely authenticated attacker to execute arbitrary code with elevated privileges on the target system,” we read on the CERT-In website.

CERT-In has issued a high-severity warning regarding a vulnerability in TP-Link routers. According to the government website, the vulnerability specifically affects TP-Link Archer versions earlier than C5400X(EU)_V1_1.1.7 Build 20240510.

“This vulnerability exists in TP-Link routers due to improper neutralization of special elements used in a binary file called rftest. This binary exposes a web service vulnerable to unauthenticated command injection,” CERT-In warns.

The cybersecurity agency says a successful exploitation of this vulnerability could allow a remote attacker, who does not require a login, to execute unauthorized commands with high-level access on the target system. “A successful exploitation of this vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges on the target system,” CERT-In said.

While CERT-In recommends updating TP-Link software, users can also take certain steps to significantly increase the security of their Wi-Fi networks and protect themselves against potential security threats.

Update your router software regularly

Why: Manufacturers often release firmware updates to patch security vulnerabilities.
How to: Check your router’s admin interface or manufacturer’s website for updates.

Change your default login details

Why: Default usernames and passwords are common knowledge and can be misused.
How to: Access your router settings through the admin interface and set a strong, unique username and password.

Enable WPA3 or WPA2 encryption

Why: Encryption protects data sent over the network from interception.
How to: In your router settings, select WPA3 if available, or WPA2 as the next best option. Avoid WEP, which is outdated and insecure.

Disable remote management

Why: This feature allows you to access your router settings from the Internet, increasing the risk of unauthorized access.
How to: Disable remote management in your router settings.

Use a strong Wi-Fi password

Why: A strong password prevents unauthorized users from accessing your network.
How to: Choose a complex password that contains a combination of letters, numbers, and special characters.

Disable WPS (Wi-Fi Protected Setup)

Why: WPS may be vulnerable to brute-force attacks.
How to: Disable WPS in your router settings.

Monitor connected devices

Why: Regular monitoring helps detect unauthorized devices on your network.
How to: Use your router’s admin interface or network monitoring tool to check connected devices.

Use a secure DNS service

Why: A secure DNS service can protect against malicious websites and phishing.
How to: Configure your router to use a secure DNS provider such as OpenDNS or Google DNS.

Restart your router regularly

Why: Restarting can help remove potential malware and refresh your network.
How to: Restart your router periodically, either manually or using a scheduled task if your router supports it.

Enable your firewall and other security features

Why: Firewalls help block unauthorized access.
How to: Make sure your router’s firewall is turned on and configure any additional security features.