TP-Link’s most popular router has major flaws
A group of Cybernews security researchers have thoroughly analyzed the TP-Link AC1200 Archer C50 (v6) router and have come across different major and uncorrected faults. They all affect the firmware version and your web interface application. The problem is that they are sold totally out of date, without those problems having been corrected.
They have discovered major flaws like that WPS is enabled by default, something that would allow an attacker to exploit it by brute force. Additionally, administrator credentials and configuration backup files are encrypted using weak and insecure protocols, thus exposing them to potential attackers.
But in addition, the router web interface application it has serious security flaws that allow private IP addresses to be exposed, weak HTTPS encryption, or even clickjacking or clickjacking.
In total, as Cybernews reported to TP-Link on July 18, they detected 39 security flaws. Of these, 24 were presented as potentially present in the firmware of this router, while the remaining 15 are not exploitable.
Among these flaws, security researchers highlight some of them. The first is a vulnerability Use-after-free. In this case it would allow a potential attacker to carry out a denial of service attack by removing a network namespace.
Another notable flaw is through the function PPPoL2TP, which could allow a hypothetical attacker to gain network privileges. Also, through cURL vulnerabilities They could record confidential information or data of the users themselves.
Vulnerable web interface application
On the other hand, they also performed different penetration tests with Nmap, BurpSuite and OWASP ZAP to verify the web interface application. They found again major vulnerabilities that could potentially be exploited.
The application does not support HTTPS by default, something that would allow an attacker to intercept traffic. In addition, when HTTPS is implemented, it does so using TLS 1.0 and TLS 1.1 encryption protocols, which are obsolete and weak.
It should also be noted that this application uses Base64 encoding, something that could be exploited by an attacker and carry out Man in the Middle attacks. But these are just some of the vulnerabilities that affect.
The same researchers indicate that some old vulnerabilities were corrected in the current version of the firmware, although a part of them only partially.
Unsafe router until updated
Therefore, we conclude that the TP-Link AC1200 Archer C50 (v6) router is, at least to this day, insecure. You need to receive updates immediately and that users install them so that they correct all the vulnerabilities that they have detected.
It is very important to always have the router with the latest firmware version installed. This is something that is often overlooked by users and is a major mistake as it could expose you to potential attackers. But of course, we have seen that even in this case they are selling a device with an outdated firmware, so the user who acquires it will be unprotected right away.