Fixing the "Tested Vulnerability Failure" problem (TP-LINK / Archer C9)

Note: If you cannot fix the problem after you follow these instructions, maybe we can help. Get help from RouterCheck Support.

---

---

Understanding the "Tested Vulnerability Failure" problem

Computer security experts around the world are constantly testing consumer routers to look for potential vulnerabilities. When they find a vulnerability, they contact the router vendor and provide them with enough information so that they can fix the problem, hopefully in the next release of the router software. Note: the software that runs on a router is typically called "firmware" After waiting a bit of time to allow the vendor to fix the problem, the security expert makes his findings public to alert others of the potential dangers out there. This is standard practice in the industry, and people agree that the system works well.

If RouterCheck says that a certain router failed to pass a tested vulnerabilitiy, it means that the router was explicitiely tested for that vulnerability and failed. In other words, that router has a known vulnerability that's embedded in it's firmware. The problem will continue to be there unless newer firmware from the vendor that fixes the problem is loaded onto the router.

What is the risk of not fixing this problem?

Unfortunately, disclosing a vulnerability to the public also provides an alert to hackers that there are hundreds of thousands, if not millions of vulnerable routers out there. You might feel that even if your router has a known vulnerability, it's okay because "How are they ever going to find me?" Unfortunately, finding a router with a vulnerability is perhaps easier than you might think.

As an example - in the winter of 2014, a security researcher found a very significant problem with many router models that he called "Misfortune Cookie". The media reported on this problem and claimed that there were over 12 million routers out there that were susceptable to the problem. Where did a number like 12 million come from? Simple - it came from the researcher who scanned the entire internet looking for routers with this problem, and he found 12 million of them. If a security researcher can find that many vulnerable routers, the hackers can't be that far behind.

So what's the real risk to you if you have some known vulnerability?. It's hard to say - actually it depends on the vulnerability found. Some vulnerabilities are just really bad annoyances - others allow the takeover of your entire network.

Vendor Documentation

Often, it's a good idea to look through the router's documentation to learn how to fix problems. Go to the vendor's support site where you can download documentation.

---

How to fix the "Tested Vulnerability Failure" problem

Unfortunately, there's only one way to fix a problem with a router that has a vulnerability enbedded in it's firmware. You'll need to update the firmware, assuming that a newer version exists that fixes your problem.

The thought of updating a device's firmware sounds very intimidating to many people, but that's really not necessary. Most vendors make the process fairly simple, so there's nothing to be scared of. You can learn more here: Learn how to load new firmware onto your router