Security Advisory for KCodes NetUSB Vulnerabilities

Security Advisory
Updated 03-04-2022 07:20:02 AM 49205

Associated CVE ID: CVE-2021-45608

As vulnerabilities related to KCodes NetUSB were disclosed, TP-Link has developed and released firmware fixes for NetUSB-protocol vulnerabilities on the following product models:

Model

Version

Fixed in Firmware Version

Archer C7(US/EU/RU)

V5

Archer C7(US/EU/RU)_V5_211210

Archer C7(US/RU/KR)

V4

Archer C7(US/RU/KR)_V4_211231

Archer C1200(US/EU/CA)

V1

Archer C1200(US/EU/CA)_V1_220114

Archer C1200(JP/KR/US/RU)

V2

ArcherC1200(JP/KR/US/RU)_V2_220114

Archer C1200(EU)

V2

Archer C1200(EU)_V2_211219

Archer C1200(US)

V3

Archer C1200(US)_V3_211219

Archer C5400X

V1

Archer C5400X_V1_211222

ArcherC2300(US/EU/KRJP/CA)

V1

ArcherC2300(US/EU/KRJP/CA)_V1_220114

Archer C4000

V2

Archer C4000_V2_220114

Archer C59(EU/RU/US)

V2

Archer C59(EU/RU/US)_V2_220117

Archer C59(US)

V3

Archer C59(US)_V3_220113

Archer C3150(US)

V2

Archer C3150(US)_V2_220117

TL-MR3420(EU)

V5

TL-MR3420(EU)_V5_211220

TL-WR842N(RU)

V5

TL-WR842N(RU)_V5_211215

Archer VR2800(EU)

V1

Archer VR2800(EU)_V1.0_220107

Archer VR2800V(DE)

V1

Archer VR2800(DE)_V1.0_220110

Archer VR600v(EU)

V2

Archer_VR600v(EU)_V2_220112

Archer VR600V(DE)

V2

Archer VR600v(DE)_V2_220113

Archer VR400(EU)

V2

Archer VR400(EU)_V2_220113

Archer VR900v(DE)

V2

Archer VR900v(DE)_V2_220118

Search for your product model, then go to its download page.Go to TP-Link’s download center https://www.tp-link/support/download.To download the latest firmware: TP-Link strongly recommends that you download and update to the latest firmware for these product models as soon as possible.

  1. Choose the right hardware version and click Firmware.
  2. Follow the page instructions, and select the correct firmware version to download and install the new firmware.

Disclaimer

The KCodes NetUSB-protocol vulnerabilities will persist if you do not take every recommended action. TP-Link cannot bear any responsibility for consequences that could have been avoided by following the recommendations in this statement.

Revision History

2022-01-11 Published advisory

2022-01-12 Updated CVE ID

2022-01-18 Updated Firmware List

TP-Link will update this advisory as necessary when more information becomes available.

Is this faq useful?

Your feedback helps improve this site.

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

From United States?

Get products, events and services for your region.