TP-Link Routers Exposed After Internet Domains Forgotten
Gareth Andrews / 4 years ago
How do you configure a router? Some people like the classic ways of logging into the device via SSH and then configure and change its settings where needed. This works for a few but most prefer to use the graphical user interfaces that people have become accustomed to. This is typically done by logging into an IP or domain name, and for manufacturer TP-Link, the latter was their chosen path. This may change given that someone forgot to renew their use of the domain, leaving thousands of routers open to risk.
The problem is quite a severe one, with anyone able to purchase and gain access to the domain name. If someone with malicious intentions gained access to the system they would be able to load malware onto any systems that tried to access them via the domain name, tplinklogin.net.
The issue was raised by Cybermoon’s CEO Amitay Dan who stated that the company decided to make “minor fixes” but had yet to purchase the domain back from its seller. The minor fixes mentioned apparently were just changing user manuals.
It’s recommended that anyone who accesses their TP-link router via the tplinklogin.net address stops using this method while Dan has recommended that ISPs block the domain name in order to help reduce the risk behind the recently available domain name.