These Wi-Fi extenders are vulnerable to hacking
Using Wi-Fi extenders? Security researchers from IBM have found a critical loophole with TP-link extenders that could be leaving you exposed, so you know, it’s time to get your patch on.
We’ll skip right to it: the RE350, RE365, RE500 and RE650 are all affected by the vulnerability, and if you have one of those you need to make sure you have the most up to date firmware available, ideally with a check on the TP-Link website to make sure everything is hunky dory.
But what’s the problem? This vulnerability lets internet baddies to get hold of your Wi-Fi extender, and redirect traffic through it to malware and other malicious internet locations. This could give them access to a variety of Internet of Things (IoT) devices through the extender, and the hackers don’t need to be within range of the extender’s Wi-Fi signal: the attack works by sending a malicious HTTP request to the Wi-Fi extender.
This is easy to do as long as you know the IP address of the device, but these are easy to find online and there are several search engines are repositories online dedicated only to finding the IP addresses of insecure IoT devices.
The vulnerability was discovered by Grzegorz Wypych, a security researcher for IBM X-Force, the only security team I know named after the second best X-Men team.
If you’re nervous about your home network, the best option to ensure security in the long-term is vigilance. As more and more connected devices make their way online, there are more and more potential attack vectors for malicious actors trying to gain access to your digital home.
It’s a good idea to try and keep up with security and firmware updates for every item you’re allowing access to your hub.