TP-Link has released patches to help customers protect their routers against attacks that would abuse the security vulnerability. The security flaw affects some Archer routers that could allow potential attackers to void their admin passwords and remotely take control of the devices over LAN via a Telnet connection. The only type of users on these routers is admin with full root permissions, so attackers can automatically get admin privileges on the router. The risk is greater on business networks where routers such as this can be used to enable guest Wi-Fi.
Source: https://www.bleepingcomputer.com/news/security/tp-link-router-bug-lets-attackers-login-without-passwords/

