Skip to Content
TP-Link Wi-Fi extender security vulnerability
Security & privacy

If you have one of these popular Wi-Fi extenders, it needs to be patched right now

If you live in a home of a certain size, you might notice areas where your Wi-Fi just doesn’t cut it. It’s bad enough when your smartphone slows down or disconnects as you enter a room on the opposite side of the home from your router, but think about all the other now-common devices that rely on a steady connection.

Connected devices like smart TVs, thermostats, doorbells and other security cameras need a strong connection to do their jobs. That’s why a lot of people buy Wi-Fi extenders to amplify the signal and keep everything connected.

But just like your router or any other gadget connected to the internet, they can be at risk from hacking and a critical vulnerability has been found in a group of popular Wi-Fi extenders. If you own one, it needs to be patched right now so it can’t be taken over.

Extending your risk of being hacked

Wi-Fi extenders, or repeaters as they’re also known, can be found just about everywhere online and even in a number of brick-and-mortar stores that sell electronics. One of the more popular brands you’ll find is TP-Link, and it’s in some of its models that researchers found a pretty big vulnerability that could let a hacker take complete control of the extender.

As detailed in a recent IBM blog post, IBM X-Force researcher Grzegorz Wypych found a zero-day flaw in a TP-Link Wi-Fi extender that — if exploited — would allow an attacker to remotely take control of the extender without login credentials and have the same access as the actual owner.

From there, a hacker could redirect your traffic to malicious, malware-filled sites or simply watch everything you do online. This goes for both homes and businesses that use these extenders.




An attacker would need to know your IP address before even attempting to take control of the extender, but even hackers with limited skills know how to find that information from sites that post details (including IP addresses) of exposed devices. The good news is that you can fix the problem with a patch.

Patching your TP-Link Wi-Fi Extender

According to the IBM blog post, the exploit was found in the TP-Link RE365 Wi-Fi Extender. TP-Link later confirmed the issue also involved three additional models. Below is a list of those affected models and links to specific patches:

Again, those are the only four TP-Link Wi-Fi extender models that are known to have this vulnerability. Read the full IBM blog post by tapping or clicking here.

Protecting your home network

Even if you don’t have any of those extenders, it’s still wise to make sure your router’s security is up-to-date. That’s why we put together a report on these 5 essential router security settings you need to check now.

You should also consider hiding your wireless network from your neighbors, not only to keep them from getting free internet but to keep police from knocking on your door if they’re using it for something that’s illegal. We’ve got those steps here.




And it’s not just about your router. Hackers can also get in through other connected devices like smart TVs voice assistants and smartphones. Find out how best to secure those devices by tapping or clicking here.

Tech smarts in 2 minutes a day

Get my Daily Tech Update and the Digital Life Hack. Just one minute each and arm you with the tech knowledge you need to impress your boss and friends with how smart you are.