4 matches found
CVE-2022-4499
TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password...
Vulnerabilities in TP-Link routers, WR710N-V1-151022 and Archer C5 V2
Overview TP-Link router WR710N-V1-151022 running firmware published 2015-10-22 and Archer-C5-V2-160201 running firmware published 2016-02-01 are susceptible to two vulnerabilities: 1. A buffer overflow during HTTP Basic Authentication allowing a remote attacker to corrupt memory allocated on a he...
CVE-2022-4499
CVE-2022-4499 affects TP-Link WR710N-V1-151022 and Archer C5-V2-160201 (TP-Link routers). The vulnerability arises from a side-channel attack on the httpd process, specifically a strcmp() used to verify credentials, allowing an attacker to deterministically guess each byte of the username and pas...
CVE-2022-4499 The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.
TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password...