Tech Magazine

TP-Link Forgot Something and Now Config Pages Are Open to Be Hijacked

Posted on the 13 July 2016 by Tftb @TFTB

Configuring routers and modems used to be jarring process. Typically your ISP or your 'tech' guy would do that for you. But few years ago, networking companies made it really simply for anyone to set up their router.

TP-Link Forgot something and now config pages are open to be hijacked

On the back of your router/modem is the user and password to login and change the setting for your ISP. These settings are to be changed to the router's configuration page which opens in your browser via a simple address.
Now this address usually is 192.168.1.1 but since this isn't really the case for every user and every router, companies decided to make it simple by adding a domain on the back of the device. This domain detects the router IP and automatically brings up the page you need to configure your router.

TP-Link has several such domains to do so. For routers sold until 2014 they used tplinklogin [dot] net, made to configure routers at initial setup. But TP-Link has failed to renew its registration for the domain, leaving it available for anyone to grab. For now this isn't a major risk, but anyone can grab this domain and make a fake admin page to gather login details of your ISP required to setup your router.

Similarly, another domain tplinkextender [dot] net used to configure wireless range extenders had also expired in past. These routers help to boost your signal by connecting your present router setup. According to some reports, this domain receives 4.4 million visitors per month and domain brokers have priced the domain at $2.5million.

As of now TP-Link has not provided any warning or statement about this and the old router setup guides on their website still links to these expired domains. But they are also changing some of the online setup documentation on their website to link it to their new setup domain tplinkwifi.net and tplinkrepeater.net which have been in use by them on their products sold since 2015.

According to Slashgear, "TP-LINK has not been using the domain tplinklogin.net - and this domain has not been used since 2014. Any products purchased at that time using the old domain will be automatically redirected to the internal set-up page, so there will not be any security issues."

That being said, older TP-Link models are still in the market and the stickers on back of the product still show the old domain. TP-Link could try to buy back the domains but domain brokers seem to not playing ball with them and quoting really high price which is forcing TP-Link to update their site and try the best they can to point people to the new domain instead.

Source : TP-LINK URL used to configure routers no longer owned by TP-LINK

Back to Featured Articles on Logo Paperblog