Scroll Top
Level 17/31 Queen St, Melbourne. VIC. 3000

TP-Link Archer WiFi router flaw exploited by Mirai malware

TP-Link Archer WiFi router flaw exploited by Mirai malware

There is a known vulnerability in the TP-Link Archer A21 (AX1800) WiFi router, tracked as CVE-2023-1389 which is being actively exploited by the Mirai malware botnet to incorporate devices into DDoS (distributed denial of service) swarms.

The flaw, carrying a severity score of 8.8, is described as an unauthenticated command injection flaw in the locale API of the web management interface on the device.

IT admins and owners of the Archer AX21 AX1800 Wi-Fi router are advised to ensure their device’s hardware is updated to the latest firmware version.

Infection symptoms

Signs of an infected TP-Link router include:

  • device overheating, 
  • internet disconnections, 
  • inexplicable changes on the device’s network settings, 
  • resetting of admin user passwords.

 

Upgrade firmware

 

Further information

Related Posts