Serious security flaws have been discovered in a popular TP-Link router, with users urged to update vulnerable outdated firmware as soon as possible.
The AC1200 Archer C50 (v6), which is listed as an “Amazon’s Choice” router on Amazon and is a best-seller in the UK, ships with obsolete firmware at risk from dozens of security holes, according to a CyberNews investigation.
The site found that aside from being vulnerable to numerous known security flaws, the router comes with WPS enabled by default, allowing potential brute-force hacking attacks; encryption on administrator credentials and configuration backups is weak; and the default web interface is riddled with bad security practices and holes, among other issues.
CyberNews advised readers to update the outdated firmware immediately, though noted that even in newer versions some of the vulnerabilities were only “patched halfway through”.
Shenzhen-based TP-Link is the highest-selling consumer wi-fi company in the world, with a 42 per cent share of the global market and 150 million devices sold per year. The C50 v4 and v5 are both available in Australia, according to TP-Link’s local website, with C50 devices for sale at outlets including Bunnings and Officeworks for $79.95.