Remote Exploitation Vulnerability

Security Advisory
Updated 09-29-2019 09:40:17 AM

TP-Link is aware of a possible security flaw in the TL-WR841N V13 reported by David Wells of Tenable Security Company and CPI security.

 

With this security vulnerability, there is a possibility that an attacker may be able to decrypt the router’s configuration file and take control of the router only if the attacker is locally connected and has administrator authority.

 

At TP-Link, our customer’s security comes first. We have already created a beta firmware update to patch this possible security concern and an official firmware update will also be launched soon. If anyone wants to download the beta firmware, please kindly contact TP-Link through the support page on our official website at https://www.tp-link.com/support/

 

As always, we strongly recommend that customers set strong passwords that use a combination of letters and numbers. We also recommend that the remote login function be disabled, unless needed in order to strengthen the security of your device. We also encourage users to keep their devices updated with the latest firmware to protect against threats and ensure their products are up to date.