Mirai malware botnet is actively exploiting a TP-Link Archer A21 (AX1800) WiFi router vulnerability

by

The flaw was disclosed to TP-Link in January 2023, with TP-Link releasing a fix last month in a new firmware update.

The Mirai malware botnet is actively exploiting a TP-Link Archer A21 (AX1800) WiFi router vulnerability tracked as CVE-2023-1389 to incorporate devices into DDoS (distributed denial of service) swarms.

Researchers first abused the flaw during the Pwn2Own Toronto hacking event in December 2022, where two separate hacking teams breached the device using different pathways (LAN and WAN interface access).

Hackers can exploit the flaw by sending a specially crafted request to the router that contains a command payload as part of the country parameter, followed by a second request that triggers the execution of the command.

If you own a TP-Link Archer A21 (AX1800) WiFi router it is now advised to update your firmware.

Note: Model and hardware version availability varies by region. Please refer to your TP-Link regional website to determine product availability.

Read Full Article

Source: BleepingComputers

How to find the hardware version on a TP-Link device