A high-severity security vulnerability was discovered in TP-Link Archer AX21 routers, which is being exploited by the notorious Mirai botnet to launch distributed denial-of-service (DDoS) attacks.
According to this report, the vulnerability, dubbed CVE-2023-1389, was first disclosed by bug hunters in December 2022 at the Pwn2Own hacking contest in Toronto, Canada. A firmware update was issued by TP-Link two months later but did not properly fix the issue. Another update was released in March 2023 that resolved the vulnerability. However, malicious hackers incorporated exploits of the flaw into Mirai’s arsenal, resulting in attacks that have been taking place since last month. The only recommended action to prevent the exploitation of the vulnerable TP-Link routers is for them to be updated with the latest firmware update, which closes the security hole.
The Mirai botnet has been targeting vulnerable IoT devices and hijacking their control. It is now targeting TP-Link Archer AX21 routers to recruit them for DDoS attacks. The vulnerability was disclosed in December 2022, and TP-Link issued a firmware update two months later that did not fix the issue. Another update was released in March 2023 that resolved the vulnerability. However, hackers wasted no time incorporating exploits of the flaw into Mirai’s arsenal, resulting in attacks taking place since last month. The only recommended action to prevent exploitation is to update the routers with the latest firmware.