TP-Link has forgotten to renew the domains it uses for allowing customers to configure its networking devices like routers and Wi-Fi extenders.
All big router manufacturers and marketers have their own custom domains to help and instruct buyers about using their routers and W-Fi extenders. TP-Link has two of them, viz tplinklogin.net and tplinkextender.net through which it gives out routers configuration. Seems like the top honchos in TP-Link have completely forgotten about both these domains leaving them open to malicious use.
TP-Link has actually “forgotten” to renew two domains that are used to access the administrative panels of Wi-Fi routers and extenders. Although users can access their router administration panel through local IP address (i.e. 192.168.1.1, most router marketers make it easier for customers by having a easy to remember domain names.
TP-Link’s mistake shows how they can lead to problems.
Cybermoon CEO Amitay Dan said on Friday that TP-Link lost control of its tplinklogin.net domain because it forgot to renew the address. Rather than forking out money to regain the domain from an external company that happened to scoop up the address, TP-Link instead decided to update its online manuals by removing the domain name references altogether.
TP-Link forgot to buy the domain https://t.co/kggHaY7Xhl
Exploit can be made, the domain is for sell for 2.5m$ pic.twitter.com/JH7FkHItYU— Amitay Dan (@popshark1) July 1, 2016
“The logic behind using [a] domain in the first place, instead of an IP address, is the main problem here,” Dan said in a blog. “Forgetting to buy the domain is the second mistake. While checking how many users are trying to use it, I’ve realized that’s this is effecting plenty of people. My advice is to block the domain by the ISP.”
Another similar TP-Link domain, tplinkextender.net was similarly not renewed. The new owners of tplinklogin.net and tplinkextendernet have put up For Sale sign.
The big security issue here regarding the two uncontrolled domains is that when TP-Link customers use the tplinklogin.net domain to access TP-Link devices other than routers (like an extender), it will pull up a public Internet web page instead of the internal logon page. This page can easily be cloned to look like a TP-Link page and ask people to give their Wi-Fi credentials. Such credentials can then be used to steal personal as well as banking information from the victims.
If you are a TP-Link router or Wi-Fi extender owner, dont visit the tplinklogin.net and tplinkextender.net to set up your gadgets.
TP-Link reached out to Techworm and told us that the above domains were no longer in operation as they have shifted to new domain names. Their response is given below :
TP-LINK has not been using the domain tplinklogin.net – and this domain has not been used since 2014. Any products purchased at that time using the old domain will be automatically redirected to the internal set-up page, so there will not be any security issues.
The following are our current domains for different products:
Router: https://tplinkwifi.net
Range Extender: https://tplinkrepeater.net
Wireless PLC: https://tplinkplc.net
