Back in 2017, experts at Fidus Information Security discovered an RCE vulnerability in TP-Link’s routers. The problem allowed the attacker to gain full access to the vulnerable router. It should be noted that the exploit required that the password be active on the device by default, but as you know, many do not change the out-of-box passwords.
Then, just a few weeks later, engineers of TP-Link released a patch for WR940N routers, but in 2018, researchers noticed that TP-Link WR740N routers were vulnerable to the same problem, since the company used the same vulnerable in these models code. The re-detected error was again promptly corrected, but as it turned out now, TP-Link engineers were not in a hurry to publish updated firmware versions on the official website.
TechCrunch journalists payed attention to this fact and reported that even at the beginning of this week, the site still did not publish updates for the WR740N and the above described vulnerability. After that, the journalists turned to the representatives of the company for comment. TP-Link responded that “an update is currently available upon request of technical support,” without explaining the reasons for such a strange decision. Only after TechCrunch had a note about what was happening, the official website of the manufacturer was finally updated, and a secure version of the firmware became available for download by everyone.
Representatives of TP-Link declined to report how many potentially vulnerable routers have been sold all the time, but noted that the release of the WR740N model was discontinued in 2017. Then the journalists studied the issue on their own and searched for the indicated network devices through the IoT search engines Shodan and Binary Edge. As it turned out, a total of 129,000 to 149,000 such routers can be found on the Internet (although the number of vulnerable devices is probably still significantly less).