KRACK attack and LEDE on a TP-Link Archer C7 V2 EU

Hi, I'm new here so sorry if the question sounds silly :slight_smile: I have this nice Archer C7 wifi router. I was using OpenWRT before, and I was very happy about it, but after the KRACK vulnerability I asked around and people recommended me to install LEDE instead. I don't care too much about the details as long as my router works fine, which does. I flashed it with LEDE and it works very nicely, thanks to all the developers for the awesome work!

My question is: in the Status page of the router I read:

Model TP-Link Archer C7 v2
Firmware Version LEDE Reboot 17.01.4 r3560-79f57e422d / LuCI lede-17.01 branch (git-17.290.79498-d3f0685)
Kernel Version 4.4.92

In the "System -> Software" tab I read:

Remove wpad-mini 2016-12-19-ad02e79d-6

Am I wrong, or it looks like I do not have installed a version of LEDE which includes the KRACK patch? Which means that the router is still potentially vulnerable?

What should I do?

Thanks in advance for any help :slight_smile:

To ensure the most up-to-date software:

opkg update
opkg list-upgradable
opkg upgrade wpad-mini

you must enable the AP-side KRACK Countermeasures after having a version of hostapd with the fix.

Hope this helps.

This package version does include the necessary patches backported to the hostapd (wpad) version used in the 17.01.x branch, see the git log for details (it's the PKG_RELEASE which matters, not the upstream version).

1 Like

The original LEDE thread...

As mentioned, fixed in 17.01.4

Great, thanks a lot for the answers! ^^