ROUTER Login flaw TP-Link

TP-Link forgets to renew its router setup’s domain names

TP-Link device’s login domains are currently owned by a 3rd party

Router and Wifi extender manufacturers assign a domain name to make its device’s access procedure a little more user-friendly. But TP-Link forgets to renew its router domains tplinklogin.net typically used by routers and tplinkextender.net for WiFi extenders. An anonymous entity re-registered the domain name and offering to sell the administrative domain link for US $2.5 Million each. This oversight can be overturned. But TP-Link doesn’t seem to be interesting in buying back these domain names.

TP-Link is currently tplinkwifi.net on the newer routers. But many devices are still using the older domain names that are typically printed on the base. When an uninformed user accesses the router’s administrative settings using the lost domain names, it would route to a third party website.

What’s the potential risk??

Both the domains are parked with an option to purchase them. It also does not route to the router’s login page or something that resembles as one. TP-Link addresses its users to either use the router’s local IP address or the tplinkwifi.net to access its routers. But a couple of its FAQ documentations (here and here) still recommends the older domains. If a 3rd party makes the purchase of either or both URLs, they could provide a malware-infected router update whenever a user accesses these domains.

Is it really a problem??

Despite the flaw, routers and extenders should able to redirect to the new TP-Link router login. Michael Horowitz confirmed by hard resetting his TP-Link router while keeping it offline. Upon trying tplinklogin.net, it was redirected to tplinkwifi.net automatically. It’s best if users do the same with their routers to be on the safe side. Disconnect the internet connection on the router and try accessing tplinklogin.net. If our TP-Link router redirects to tplinkwifi.net, you’re safe. If it doesn’t, stick to using the router’s IP address.

You would not expect a network device manufacturer to keep open a possible flaw by not renewing two domain names that’s still used by many devices.

Source: 1

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Beyond News. Beyond Reviews. Beyond Guides & Recommendations.

Join the never ending discussions on never ending topics.
Previous Article
lenovo-laptop-thinkpad-l440-front

Security exploit found in Gigabyte MBs, HP and Lenovo

Next Article
NV-GF-VR-Ready-logo-wht-RGB

Nvidia 368.39 driver 'Game Ready' for DiRT Rally VR

Related Posts

Beyond News. Beyond Reviews. Beyond Guides & Recommendations.

Hardware BBQ is a PC hardware review, news and recommendations website. Typical of such PC hardware websites, I encourage two-way communication and discussions. Help us to help everybody by being a part of it. I am pretty active on Twitter. But for any detailed discussions and inquiries, you can always join the Discord group for any discussions.The future plans include streaming on Twitch, but I'll let you if and when that plan is made. Don't forget to follow the channel if you're interested.