- May.2026
- 01
An Important Update for TP-Link Customers Regarding Recent CVE-2023-50224 Reporting
Latest Update: If you are a Spectrum customer, please see our update here.
The UK's National Cyber Security Centre (NCSC), in coordination with the U.S. FBI and Germany's Federal Office for the Protection of the Constitution, published advisories describing an exploit used by Russian cyber actor APT28, listing TP-Link among the brands of targeted routers. While headlines have been broad, we'd like to clarify what the advisories actually mean and how it may impact you.
What Has Happened:
The vulnerability named in the report is CVE-2023-50224, an exploit that allowed attackers to redirect traffic to harvest login credentials and passwords for web and email related services, mainly targeting outdated small office/home office (SOHO) routers.
The list of affected products based on our current assessment can be found here.
What Should I Do:
If you own one of the affected models, the most effective step you can take is to replace the device with one that is currently supported and receiving regular security updates. All routers, like any internet-facing device, have a security lifespan, which is true regardless of the manufacturer. Utilizing end-of-life networking equipment carries a real risk because vulnerabilities that emerge after support ends cannot always be patched.
Like all connected devices, keeping your router secure is important. We recommend a few simple steps:
- Replace older routers that may no longer receive updates. You can find the latest TP-Link Wi-Fi 7 routers here.
- Make sure your router is running the latest firmware.
- Use a strong, unique admin password.
If continued use of a legacy device is unavoidable, we recommend taking the following precautions:
- Install the latest firmware available for your specific model, where one exists. Not all models may have a patch due to hardware limitations, platform age, and lack of available test units.
- Disable remote management, if possible, along with any unnecessary services.
- Restrict device access to trusted internal networks only.
- Monitor network activity for unusual behavior or unauthorized configuration changes.
What We Are Doing:
Although these devices are outside our standard maintenance window, our team has developed updates for several of the affected models where it is technically feasible to do so. These updates are published on our sites alongside the affected model list, which can be found below.
To be transparent, there are limits to what is possible with products that have been discontinued. Where a patch is not available, our recommendation is to upgrade to a currently supported device. This is about security, not sales, because legacy hardware cannot always be secured against vulnerabilities that emerge after its support window ends. You can find the latest TP-Link Wi-Fi 7 routers here.
For our currently supported product lines, we maintain an active firmware update program and a published process for vulnerability disclosure. TP-Link is committed to the safety of our users and will continue to actively monitor the situation, disclose new information as it develops, and support customers with questions about their specific devices.
If you have questions that are not addressed in this post or in our security advisory, our support teams are available to help.
Affected Products/Versions and Fixes: Due to hardware limitations, platform age, and/or lack of available test units, not all legacy products can receive patches.
|
Product Model |
Affected Hardware / Firmware Versions |
Current Remediation Status |
Fixed Versions |
|
Routers |
|||
|
TL- MR6400 |
V1 / V2 |
Unpatched |
|
|
Archer C5 |
V2 |
Unpatched |
|
|
Archer C7 |
V2 / V3 |
Partially patched |
EU_V2_241108: Download for Archer C7 | TP-Link US_V2_260427: Download for Archer C7 | TP-Link US_V3_260427: Download for Archer C7 | TP-Link |
|
Archer C1900 |
V1 |
Unpatched |
Coming soon |
|
TL-WDR3600 |
V2 |
Unpatched |
|
|
TL-WDR4300 |
V1 |
Unpatched |
|
|
TL-WDR3500 |
V2 |
Unpatched |
|
|
TL-WR710N |
V1 / V2 |
Unpatched |
|
|
TL-WR740N |
V4–V7 |
Unpatched |
|
|
TL-WR741ND |
V2, V4-V6 |
Unpatched |
|
|
TL-WR743ND |
V2 |
Unpatched |
|
|
TL-WR749N |
BR 6.0 / 7.0 |
Unpatched |
|
|
TL-MR3420 |
V2–V4 |
Unpatched |
|
|
TL-WR1043ND |
V2–V4 |
Unpatched |
|
|
TL-WR1045ND |
RU V2 |
Unpatched |
|
|
TL-WR802N |
V1-V3 |
Unpatched |
|
|
TL-WR810N |
V1 / V2 |
Unpatched |
|
|
TL-WR840N |
V2 / V3 |
Unpatched |
|
|
TL-WR841HP |
V2 / V3 |
Unpatched |
|
|
TL-WR841N |
V8–V12 |
Partially patched |
EU_V11_211209: Download for TL-WR841N | TP-Link US: V11_us_3_16_9_up_boot(260415): Download for TL-WR841N | TP-Link EU_V12_230317: Download for TL-WR841N | TP-Link |
|
TL-WR841ND |
V11 |
Unpatched |
|
|
TL-WR842N TL-WR842ND |
V2–V4 |
Unpatched |
|
|
TL-WR843N |
V2 / V3 |
Unpatched |
|
|
TL-WR845N |
V1 / V2 |
Unpatched |
|
|
TL-WR902AC |
V1 |
Patched |
US_V1_231025: Download for TL-WR902AC | TP-Link EU_V1_231027: Download for TL-WR902AC | TP-Link |
|
TL-WR940N |
V2 – V6 |
Partially patched |
V5_3.20.1 Build 220801: US: Download for TL-WR940N | TP-Link EN: Download for TL-WR940N | TP-Link V6_250925: |
|
TL-WR940N Plus |
V6 |
Patched |
KR_V6_3.19.1_260424: Download TL-940N Plus | TP-Link |
|
TL-WR941HP |
V1 |
Patched |
UN_V1_211210: Download for TL-WR941HP | TP-Link |
|
TL-WR941ND |
V5 / V6 |
Partially patched |
V6_220610: |
|
TL-WR945N |
V1 |
Unpatched |
|
|
TL-MR3020 |
V1 |
Unpatched |
|
|
TL-MR3220 |
V2 |
Unpatched |
|
|
TL-MR3420 |
V2 / V3 |
Unpatched |
|
|
Access Points |
|||
|
TL-WA701ND |
V2 |
Unpatched |
|
|
TL-WA801ND |
V3 / V4 |
Unpatched |
|
|
TL-WA901ND |
V3–V5 |
Partially patched |
V4_201030, V5_201030: |
|
TL-WA901N |
V6 |
Patched |
EU_V6_220701: |