silversurfer

Level 49
Verified
Trusted
Content Creator
Malware Hunter
A critical zero-day vulnerability which impacts TP-Link Wi-Fi Extenders could lead to the remote execution of code, researchers have warned.

IBM X-Force researcher Grzegorz Wypychmembers revealed the existence of the security flaw on Tuesday. In a blog post, the cybersecurity researcher said the security issue impacts TP-Link Wi-Fi Extender models RE365, RE650, RE350 and RE500 running firmware version 1.0.2, build 20180213.

TP-Link Wi-Fi Extenders are devices suitable for both the home and commercial properties and are used to eradicate black spots or areas with weak Wi-Fi coverage. An extender is able to capture Wi-Fi signals from the main router and rebroadcast the same signal, improving its strength.

However, as with many devices connected to the Internet, there is the possibility of vulnerabilities which can be used by attackers to remotely access and compromise systems. In this case, the critical flaw can be exploited to perform remote code execution.
 

shmu26

Level 81
Verified
Trusted
Content Creator
If I understood the article right, it can be exploited only if the attacker is within wifi range of the device.
 
  • Like
Reactions: upnorth

blackice

Level 7
I have one of these...and I found a couple random device connected to my router once. I have a suspicion one of my neighbors’ kids is a script kiddie. Anyway, my only conclusion was the tp-link extender was the weak point. It has been in a drawer unplugged for over a year now.
 
  • Like
Reactions: upnorth and shmu26