Security Advisory for CVE-2023-50224 – Impact on Legacy TP-Link Router and Access Point Products

Security Advisory
Updated 04-09-2026 00:24:59 AM

TP-Link is aware of recent public reporting and law-enforcement disclosures describing exploitation activity involving legacy consumer networking devices, including TP-Link routers and access points, in connection with CVE-2023-50224.

CVSS v3.0 Score: 6.5 / Medium

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

TP-Link has conducted an internal review and identified that multiple legacy TP-Link products may be affected by this vulnerability. All of the affected products have reached End-of-Life (EOL) status and are no longer within TP-Link’s standard maintenance lifecycle.

This advisory provides information on impacted legacy models, current remediation status where applicable, and recommended mitigation for customers:

Affected Products/Versions and Fixes:

| Product Model | Affected Hardware / Firmware Versions | Current Remediation Status | Fixed Versions |
|---|---|---|---|
| Routers | | | |
| TL-MR6400 | V1 / V2 | Unpatched | |
| Archer C5 | V2 | Unpatched | |
| Archer C7 | V2 / V3 | Partially patched | V2_241108: Download for Archer C7 (TP-Link) |
| TL-WDR3600 | V2 | Unpatched | |
| TL-WDR4300 | V1 | Unpatched | |
| TL-WDR3500 | V2 | Unpatched | |
| TL-WR740N | V4–V7 | Unpatched | |
| TL-WR741ND | V4–V6 | Unpatched | |
| TL-WR749N | BR 6.0 / 7.0 | Unpatched | |
| TL-MR3420 | V2–V4 | Unpatched | |
| TL-WR1043ND | V2–V4 | Unpatched | |
| TL-WR1045ND | RU V2 | Unpatched | |
| TL-WR840N | V2 / V3 | Unpatched | |
| TL-WR841N, TL-WR841ND | V8–V12 | Partially patched | V11_211209: Download for TL-WR841N (TP-Link); V12_230317: Download for TL-WR841N (TP-Link) |
| TL-WR842N, TL-WR842ND | V2–V4 | Unpatched | |
| TL-WR845N | V1 / V2 | Unpatched | |
| TL-WR941ND | V5 / V6 | Partially patched | V6_220610: Download for TL-WR941ND (TP-Link) |
| TL-WR945N | V1 | Unpatched | |
| Access Points | | | |
| TL-WA801ND | V3 / V4 | Unpatched | |
| TL-WA901ND | V3–V5 | Partially patched | V4_201030, V5_201030: Download for TL-WA901ND (TP-Link España); Download for TL-WA901ND (TP-Link) |

Important Note on Scope

The product list above reflects TP-Link’s current assessment based on available information and ongoing analysis. The list may not be exhaustive, and additional legacy models, hardware revisions, or regional variants may be identified.

A complete End-of-Life product list is available here: TP-Link End of Life Products

Vulnerability Description and Impact:

An improper authentication flaw in the httpd service allows network-adjacent attackers to retrieve sensitive information. Successful exploitation may disclose stored credentials, leading to further compromise. Public reporting indicates this vulnerability may be actively exploited in the wild, including in campaigns involving DNS manipulation. TP‑Link continues to monitor available threat intelligence and external reporting.

Remediation Status

  • Some affected legacy products have received security updates where technically feasible.
  • Due to hardware limitations, platform age, and lack of available test units, not all legacy products can receive patches.
  • None of the affected models support cloud‑based or automatic firmware updates. Any available patches require manual installation by the user.

TP‑Link continues to evaluate the feasibility of additional updates for certain legacy products. Any updates that become available will be published on TP‑Link’s official support website and reflected in this advisory.

Recommendations:

TP‑Link strongly recommends that customers using affected or potentially affected legacy devices take the following actions immediately:

  1. Upgrade to a supported TP‑Link product that receives regular security updates.
  2. If continued use of a legacy device is unavoidable:
    • Install the latest available firmware from the official TP‑Link website.
    • Disable remote management and unnecessary services.
    • Restrict device access to trusted internal networks only.
  3. Monitor network activity for unusual DNS behavior or unauthorized configuration changes.
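
One way to act on recommendation 3 from a client machine, shown as an added example that is not TP-Link code: audit the DNS resolvers the router hands out over DHCP against an allowlist. It assumes the client records leases in ISC dhclient lease-file format; the function names, the allowlisted address and the sample leases are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in ISC dhclient lease-file format (not captured data).
# 203.0.113.53 is an RFC 5737 documentation address standing in for a
# resolver the network owner never configured.
SAMPLE_LEASES = """
lease {
  option domain-name-servers 192.168.0.1;
  renew 2 2026/04/07 10:00:00;
}
lease {
  option domain-name-servers 203.0.113.53,192.168.0.1;
  renew 3 2026/04/08 10:00:00;
}
"""

LEASE_RE = re.compile(r"lease\s*\{(.*?)\}", re.S)
DNS_RE = re.compile(r"option\s+domain-name-servers\s+([^;]+);")
RENEW_RE = re.compile(r"renew\s+\d+\s+([\d/]+\s+[\d:]+);")


def parse_leases(text):
    """Return [(renew_time, [resolver addresses])] in file order."""
    leases = []
    for body in LEASE_RE.findall(text):
        dns, renew = DNS_RE.search(body), RENEW_RE.search(body)
        raw = dns.group(1).split(",") if dns else []
        servers = [ipaddress.ip_address(s.strip()) for s in raw]
        leases.append((renew.group(1) if renew else "unknown", servers))
    return leases


def audit_resolvers(text, allowed):
    """Flag leases whose advertised resolvers fall outside the allowlist."""
    allowed = {ipaddress.ip_address(a) for a in allowed}
    findings, previous = [], None
    for when, servers in parse_leases(text):
        unexpected = [str(s) for s in servers if s not in allowed]
        if unexpected:
            changed = previous is not None and servers != previous
            findings.append({"time": when, "unexpected": unexpected, "changed": changed})
        previous = servers
    return findings


if __name__ == "__main__":
    for finding in audit_resolvers(SAMPLE_LEASES, allowed=["192.168.0.1"]):
        print(finding)
```

A finding with "changed" set to true means the resolver list differs from the previous lease, which is the point at which to inspect the router's DHCP and DNS settings.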

Disclaimer:

This advisory is provided for informational purposes only and reflects TP‑Link’s current assessment based on available information.

The affected products listed are legacy devices that have reached End‑of‑Life (EOL) and are outside TP‑Link’s standard maintenance lifecycle. While TP‑Link provides mitigation guidance to help reduce risk, customers are responsible for assessing their own environments and determining appropriate actions.

Continued use of affected legacy devices may expose networks to security risks. TP‑Link strongly recommends migrating to supported products that receive regular security updates.
