Back to articles
Articles
Volume: 33 | Article ID: art00017
Image
Firmware Vulnerability Analysis of Widely Used Low-Budget TP-Link Routers
Franziska Schwarz
Klaus Schwarz
Daniel Fuchs
Reiner Creutzburg
David Akopian
  DOI :  10.2352/ISSN.2470-1173.2021.3.MOBMU-135  Published OnlineJune 2021
Abstract

TP-Link Technologies Co, Ltd. is a Chinese manufacturer of networking products and has a 42% share of the consumer WLAN market, making it the market leader. The company sells about 150 million devices per year. Many people worldwide use the Internet every day and are connected to the Internet with their computers. In the world of smart homes, even coffee machines, refrigerators, smart sockets, and light bulbs have found their way to the Internet, not to mention the many smartphones, which are, of course, also connected to the Internet. Since many different dangers come from a heater or printer and the many other smart devices directly connected to the Internet, there is a safe haven: the local area network. To connect to the Internet, one needs a modem, which is built into a router in many cases. Routers route network packets back and forth between several computer networks. They are used to connect to the Internet, and they are the bridge between the home network and the Internet in almost every household connected to the Internet. Because of their nature as a bridge between local and global networks, they are also the largest attack vector. [19] This paper examines how up-to-date the firmware of standard home network routers is and how secure the firmware is. In order to obtain a representative result, the examined routers were selected according to fixed rules. Each router had to be a product of the manufacturer TP-Link, the routers had to be in the low-budged range (less than 20 Euro) and be available from Amazon. Also, two different types of investigations were identified for the selected devices. Firstly, the devices were examined in the form of physically existing hardware, and secondly, an attempt was made to access the firmware via the manufacturer’s website. It was found that even the fixing of current vulnerabilities and recently released update files are no guarantee that older vulnerabilities have been fixed. Secrets such as private keys and certificates are hard-coded in the firmware and can be extracted from update files. Moreover, devices are deliberately built to make it impossible to install the latest alternative firmware.

Journal Title : Electronic Imaging
Publisher Name : Society for Imaging Science and Technology
Publisher Location : IS&T 7003 Kilworth Lane • Springfield, VA 22151 USA
Subject Areas :
Views 66
Downloads 25
 DOI 10.2352/ISSN.2470-1173.2021.3.MOBMU-135
 articleview.views 66
 articleview.downloads 25
  Cite this article 

Franziska Schwarz, Klaus Schwarz, Daniel Fuchs, Reiner Creutzburg, David Akopian, "Firmware Vulnerability Analysis of Widely Used Low-Budget TP-Link Routersin Proc. IS&T Int’l. Symp. on Electronic Imaging: Mobile Devices and Multimedia: Technologies, Algorithms & Applications,  2021,  pp 135-1 - 135-11,  https://doi.org/10.2352/ISSN.2470-1173.2021.3.MOBMU-135

 Copy citation
  Copyright statement 
Copyright © Society for Imaging Science and Technology 2021
72010604
Electronic Imaging
2470-1173
Society for Imaging Science and Technology
IS&T 7003 Kilworth Lane • Springfield, VA 22151 USA
10.2352/ISSN.2470-1173.2021.3.MOBMU-135
2470-1173(20210618)2021:3L.1351;1-
ei_24701173_v2021n3_input/s19.xml
/ist/ei/2021/00002021/00000003/art00017
Articles
Firmware Vulnerability Analysis of Widely Used Low-Budget TP-Link Routers
SchwarzFranziska
SchwarzKlaus
FuchsDaniel
CreutzburgReiner
AkopianDavid
18062021
2021
3
135-1
135-11
2021
TP-Link Technologies Co, Ltd. is a Chinese manufacturer of networking products and has a 42% share of the consumer WLAN market, making it the market leader. The company sells about 150 million devices per year. Many people worldwide use the Internet every day and are connected to the Internet with their computers. In the world of smart homes, even coffee machines, refrigerators, smart sockets, and light bulbs have found their way to the Internet, not to mention the many smartphones, which are, of course, also connected to the Internet. Since many different dangers come from a heater or printer and the many other smart devices directly connected to the Internet, there is a safe haven: the local area network. To connect to the Internet, one needs a modem, which is built into a router in many cases. Routers route network packets back and forth between several computer networks. They are used to connect to the Internet, and they are the bridge between the home network and the Internet in almost every household connected to the Internet. Because of their nature as a bridge between local and global networks, they are also the largest attack vector. [19] This paper examines how up-to-date the firmware of standard home network routers is and how secure the firmware is. In order to obtain a representative result, the examined routers were selected according to fixed rules. Each router had to be a product of the manufacturer TP-Link, the routers had to be in the low-budged range (less than 20 Euro) and be available from Amazon. Also, two different types of investigations were identified for the selected devices. Firstly, the devices were examined in the form of physically existing hardware, and secondly, an attempt was made to access the firmware via the manufacturer’s website. It was found that even the fixing of current vulnerabilities and recently released update files are no guarantee that older vulnerabilities have been fixed. Secrets such as private keys and certificates are hard-coded in the firmware and can be extracted from update files. Moreover, devices are deliberately built to make it impossible to install the latest alternative firmware.
router forensicsrouter securitysmart homesmart home devicesfirmware analysisfirmware vulnerabilitiescybersecurityinternet security