Back to Home

On some TP-LINK router models, the default password is the last 8 characters of the device’s MAC address

tp-link · wireless routers · network security

On some TP-LINK router models, the default password is the last 8 characters of the device’s MAC address



    Another vulnerability of the “zero day” (yes, this is irony, the habraparser eats the sarcasm tag) today became known from an information security specialist named Mark. He discovered an interesting fact - in some models of TP-Link routers, the last characters of the MAC address of this device are used as a password. Before announcing this on the Web, Mark wrote to the company, but they did not respond there.

    So far, we are talking only about the model WR702N. It is a small and fast router with low power consumption. Yes, and it costs a little. But the password of such a device can be found out without any problems at all - you just need to scan the network with a special “exploit” in one line. And since ordinary users do not change the default passwords, then access is saved to most devices.



    And this is not a joke, try searching in Google, in pictures, images of the router by model name. Photos are found both in reviews and in images from online stores. Here is one such image: The



    password is unique, but scanning the device’s MAC address is not particularly difficult. MAC is available for any device that can "listen" to a wireless network. All that remains is to connect to the access point whose MAC is known.

    Here is the one-line scanner:


    Yes, users must change the passwords left by the manufacturer by default. But still I want the default better protection.

    Read Next