VPNFilter Malware Security

Security Advisory
Updated 06-07-2018 06:31:03 AM

We at TP-Link are aware of the new security vulnerability named “VPN Filter” which may bring risks to some routers. According to the Cisco Talos’s investigation, this security vulnerability may take use of the existing vulnerabilities on the devices and try to launch attacks. The VPNFILTER main takes use of the existing problems on the devices to launch attacks, and we have fixed all the known vulnerability by firmware release.

Thus, for our devices, they are not affected by this problem, and for R600VPN it is the same.

To protect against this possible malware, we strongly advise our customers to take following steps:

1. Make sure you are running the latest firmware version on your router.

You can check if the firmware running on your device is latest or not via this link:

https://www.tp-link.com/download-center.html

2. Please change default admin username and password on the web interface. For more detailed operation, you can refer to this link:

https://www.tp-link.com/faq-73.html

3. If remote management feature is not necessary for you, please turn off Remote Management on the web interface. As if remote management feature is configured improperly, it will enhance the possibility of attacks.

4. If you concern that your router might be attacked, you may try to restore factory default settings of your router first and then take steps above.

TP-Link is investigating and will update this advisory as more information becomes available.