The vulnerability in the httpd-demon of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the httpd daemon in the microprogramming-based routing software of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 is related to buffer overflows during packet processing. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service...

The vulnerability in the strcmp() function of the httpd daemon of the microprogrammed router software for TP-Link Archer C5 version 2 and TP-Link WR710N version 1 allows a hacker to gain unauthorized access to protected information.

The vulnerability of the strcmp function in the httpd daemon of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 is related to the creation of a secondary synchronization channel due to time differences. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

CVE-2022-4498

In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS by crashing the httpd process or an arbitrary code execution...

CVE-2022-4498

In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS by crashing the httpd process or an arbitrary code execution...

Heap overflow

In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS by crashing the httpd process or an arbitrary code execution...

CVE-2022-4498

CVE-2022-4498 affects TP-Link WR710N-V1-151022 and Archer C5-V2-160201 via the httpd daemon. A crafted HTTP Basic Authentication input can trigger a heap overflow in httpd, yielding either a DoS (crash) or arbitrary code execution on affected devices. Public sources (CERT/CC and NVD entries) corr...

CVE-2022-4499

TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password...

CVE-2022-4499 The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.

TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password...

CVE-2022-4499

CVE-2022-4499 affects TP-Link WR710N-V1-151022 and Archer C5-V2-160201 (TP-Link routers). The vulnerability arises from a side-channel attack on the httpd process, specifically a strcmp() used to verify credentials, allowing an attacker to deterministically guess each byte of the username and pas...

PT-2022-6284 · Tp Link · Tp-Link Archer C5 +1

Name of the Vulnerable Software and Affected Versions: TP-Link Archer C5 version 2 TP-Link WR710N version 1 Description: The issue is related to the strcmp function used for checking credentials in the httpd process of TP-Link routers. This function is susceptible to a side-channel attack, where ...

PT-2022-6285 · Tp Link · Tp-Link Archer C5 +1

Name of the Vulnerable Software and Affected Versions: TP-Link Archer C5 version 2 TP-Link WR710N version 1 Description: The issue is related to a heap-based buffer overflow when handling packets, which can be exploited by a remote attacker to execute arbitrary code or cause a denial of service...