It’s hard to believe that one of the most popular and widely used routers is sold with outdated and buggy firmware. That’s what happens with the TP-Link AC1200 Archer C50 (v6) , which is one of the best sellers on Amazon. But in addition to having an outdated firmware, it also brings errors in the web interface, since it has a weak encryption that could expose all the devices of its owners.
TP-Link’s most popular router has major flaws
A group of Cybernews security researchers have thoroughly analyzed the TP-Link AC1200 Archer C50 (v6) router and found several major and uncorrected bugs . They all affect the firmware version and your web interface application. The problem is that they are sold totally out of date, without those problems having been corrected.
They have discovered major flaws such as that WPS is enabled by default, something that would allow an attacker to exploit it by brute force. Additionally, administrator credentials and configuration backup files are encrypted using weak and insecure protocols, thus exposing them to potential attackers.
But in addition, the router’s web interface application has serious security flaws that allow private IP addresses to be exposed, weak HTTPS encryption, or even clickjacking or clickjacking.
In total, as reported by Cybernews to TP-Link on July 18, they detected 39 security flaws . Of these, 24 were presented as potentially present in the firmware of this router, while the remaining 15 are not exploitable.
Dangerous vulnerabilities
Among these flaws, security researchers highlight some of them. The first is a Use-after-free vulnerability. In this case it would allow a potential attacker to carry out a denial of service attack by removing a network namespace.
Another notable flaw is through the PPPoL2TP function, which could allow a hypothetical attacker to gain privileges on the network. In addition, through cURL vulnerabilities they could record confidential information or data of the users themselves.
Vulnerable web interface application
On the other hand, they also performed different penetration tests with Nmap, BurpSuite and OWASP ZAP to verify the web interface application. They again found important vulnerabilities that could potentially be exploited.
The application does not support HTTPS by default , something that would allow an attacker to intercept the traffic. Also, when HTTPS is implemented, it does so using TLS 1.0 and TLS 1.1 encryption protocols, which are outdated and weak.
It should also be noted that this application uses Base64 encoding schemes, something that could be exploited by an attacker and carry out Man in the Middle attacks. But these are just some of the vulnerabilities that affect.
The same researchers indicate that some old vulnerabilities were corrected in the current version of the firmware, although a part of them only partially.
Unsafe router until updated
Therefore, we conclude that the TP-Link AC1200 Archer C50 (v6) router is, at least today, insecure. You need to receive updates immediately and have them installed by users to fix all the vulnerabilities they have found.
It is very important to always have the router with the latest firmware version installed. This is something that is often overlooked by users and is a major mistake as it could expose you to potential attackers. But of course, we have seen that even in this case they are selling a device with an outdated firmware, so the user who acquires it is going to be unprotected right away.
