The Broadband Guide
search advanced

TP-Link routers targeted by Mirai botnet once again, US government warns

2023-05-03 17:35 by
Tags: , ,


The United States Cybersecurity and Infrastructure Security Agency (CISA) is warning businesses to patch TP-Link routers which are being actively targeted by malicious actors looking to recruit them into the Mirai botnet. The affected router is TP-Link Archer AX21.

The TP-Link router exploit was first detected at the Pwn2Own Toronto hacking event last December, where two different teams were able to breach the device using the LAN and WAN interfaces. The issue was reported to TP-Link in January and the company released a patch for it last month.

The command-injection flaw in TP-Link's Archer AX21 Wi-Fi 6 routers – tracked as CVE-2023-1389 – lurks in device firmware prior to version 1.1.4 Build 20230219, which addresses the issue. An unauthorized attacker can exploit this hole to inject commands that could lead to remote code execution (RCE), enabling the intruder to take control of the device from across the network or internet.

Operators of the Mirai botnet are known for quickly exploiting vulnerabilities in IoT devices, so it's not a major surprise for researchers that they have been able to start targeting the latest flaw so soon after it was disclosed publicly. Either way, applying the patch is the only way to mitigate the vulnerability, so all TP-Link Archer AX21 owners should do it as soon as possible to prevent any possible security risk.

Read more -here-


  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About