    Apr. 13, 2026

    An Important Update for TP-Link Customers Regarding Recent CVE-2023-50224 Reporting

    Over the past few days, the UK's National Cyber Security Centre (NCSC), in coordination with the U.S. FBI and Germany's Federal Office for the Protection of the Constitution, published advisories describing an exploit used by a cyber actor, listing TP-Link among the brands of targeted routers. While headlines have been broad, we'd like to clarify what the advisories actually mean and how they may affect you.

    What Has Happened:

    The vulnerability named in the report is CVE-2023-50224, which attackers exploited to redirect traffic and harvest login credentials and passwords for web- and email-related services, mainly targeting outdated small office/home office (SOHO) routers.

    The affected models are legacy devices that reached End of Service and Life (EOSL) status several years ago and no longer receive regular updates. The list of affected products based on our current assessment can be found here.

    What Should I Do:

    For U.S. customers, a resolution is already underway. The FBI has conducted a court-authorized operation that reset compromised routers and removed the attackers' access.

    If you own one of the affected models, the most effective step you can take is to replace the device with one that is currently supported and receiving regular security updates. All routers, like any internet-facing device, have a security lifespan, regardless of the manufacturer. Using end-of-life networking equipment carries a real risk because vulnerabilities that emerge after support ends cannot always be patched.

    If continued use of a legacy device is unavoidable, we recommend taking the following precautions:

    1. Install the latest firmware available for your specific model, where one exists. Not all models may have a patch due to hardware limitations, platform age, and lack of available test units.
    2. Disable remote management, if possible, along with any unnecessary services.
    3. Restrict device access to trusted internal networks only.
    4. Monitor network activity for unusual behavior or unauthorized configuration changes.

    What We Are Doing:

    Although these devices are outside our standard maintenance window, our team has developed updates for several of the affected models where it is technically feasible to do so. These updates are published on our sites alongside the affected model list, which can be found here.

    To be transparent, there are limits to what is possible with products that have been discontinued. Where a patch cannot be developed, our recommendation is to upgrade to a currently supported device. This is about security, not sales, because legacy hardware cannot always be secured against vulnerabilities that emerge after its support window ends.

    For our currently supported product lines, we maintain an active firmware update program and a published process for vulnerability disclosure. TP-Link is committed to the safety of our users and will continue to actively monitor the situation, disclose new information as it develops, and support customers with questions about their specific devices.

    If you have questions that are not addressed in this post or in our security advisory, our support teams are available to help at support.usa@tp-link.com.