TP-Link Routers

TP-Link released an update to address a vulnerability in a configuration service of WR41N V8 end-of-life routers, discovered by researchers at Senrio. A logic vulnerability, CVE-2017-9466, in a configuration service allowed researchers to bypass access controls and reset the router’s credentials. The researchers then exploited a stack overflow vulnerability to gain a code execution capability. Though the routers are end-of-life, TP-Link agreed to remove the configuration service from this router model to mitigate the vulnerability. According to Shodan, there are over 93,000 users of this router model worldwide, many of whom likely have not updated to the latest firmware. The NJCCIC recommends all users of this router review Senrio’s blog post for additional information and technical details, update their router’s firmware as soon as possible, and consider upgrading to a manufacturer-supported router.