Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for Archer C5 by TP-Link

    CVE-2023-39224 (GCVE-0-2023-39224)

    Vulnerability from nvd – Published: 2023-09-06 09:22 – Updated: 2024-09-26 20:13
    VLAI
    Summary
    Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • OS command injection
    Assigner
    Impacted products
    Vendor Product Version
    TP-LINK Archer C5 Affected: firmware all versions
    Create a notification for this product.
    TP-LINK Archer C7 Affected: firmware versions prior to 'Archer C7(JP)_V2_230602'
    Create a notification for this product.
    tp-link archer_c5 Affected: 0 , < * (custom)
        cpe:2.3:h:tp-link:archer_c5:-:*:*:*:*:*:*:*
    Create a notification for this product.
    tp-link archer_c7_firmware Affected: v2_230602
        cpe:2.3:o:tp-link:archer_c7_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:02:06.563Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU99392903/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:tp-link:archer_c5:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "archer_c5",
                "vendor": "tp-link",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:tp-link:archer_c7_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "archer_c7_firmware",
                "vendor": "tp-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "v2_230602"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39224",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-26T20:11:36.456112Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-26T20:13:06.770Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Archer C5",
              "vendor": "TP-LINK",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware all versions"
                }
              ]
            },
            {
              "product": "Archer C7",
              "vendor": "TP-LINK",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware versions prior to \u0027Archer C7(JP)_V2_230602\u0027"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Archer C5 firmware all versions and Archer C7 firmware versions prior to \u0027Archer C7(JP)_V2_230602\u0027 allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-06T09:22:59.282Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU99392903/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-39224",
        "datePublished": "2023-09-06T09:22:59.282Z",
        "dateReserved": "2023-08-15T07:33:33.886Z",
        "dateUpdated": "2024-09-26T20:13:06.770Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-4498 (GCVE-0-2022-4498)

    Vulnerability from nvd – Published: 2023-01-11 20:38 – Updated: 2025-11-04 19:14
    VLAI
    Title
    A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.
    Summary
    In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T19:14:14.345Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.cert.org/vuls/id/572615"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/572615"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4498",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T14:14:59.035196Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T14:15:15.560Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WR710N",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1-151022"
                }
              ]
            },
            {
              "product": "Archer C5",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V2_160221_US"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-11T20:38:37.312Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://kb.cert.org/vuls/id/572615"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.",
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api//cve/CVE-2022-4498"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2022-4498",
        "datePublished": "2023-01-11T20:38:37.312Z",
        "dateReserved": "2022-12-14T17:59:41.586Z",
        "dateUpdated": "2025-11-04T19:14:14.345Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-4499 (GCVE-0-2022-4499)

    Vulnerability from nvd – Published: 2023-01-11 18:48 – Updated: 2025-11-04 19:14
    VLAI
    Title
    The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.
    Summary
    TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T19:14:15.425Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.cert.org/vuls/id/572615"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/572615"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4499",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T13:40:07.571499Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T13:40:37.438Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WR710N",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1-151022"
                }
              ]
            },
            {
              "product": "Archer C5",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V2_160221_US"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-676",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-12T17:03:51.519Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://kb.cert.org/vuls/id/572615"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.",
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2022-4499"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2022-4499",
        "datePublished": "2023-01-11T18:48:41.778Z",
        "dateReserved": "2022-12-14T18:09:49.250Z",
        "dateUpdated": "2025-11-04T19:14:15.425Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-39224 (GCVE-0-2023-39224)

    Vulnerability from cvelistv5 – Published: 2023-09-06 09:22 – Updated: 2024-09-26 20:13
    VLAI
    Summary
    Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • OS command injection
    Assigner
    Impacted products
    Vendor Product Version
    TP-LINK Archer C5 Affected: firmware all versions
    Create a notification for this product.
    TP-LINK Archer C7 Affected: firmware versions prior to 'Archer C7(JP)_V2_230602'
    Create a notification for this product.
    tp-link archer_c5 Affected: 0 , < * (custom)
        cpe:2.3:h:tp-link:archer_c5:-:*:*:*:*:*:*:*
    Create a notification for this product.
    tp-link archer_c7_firmware Affected: v2_230602
        cpe:2.3:o:tp-link:archer_c7_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:02:06.563Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU99392903/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:tp-link:archer_c5:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "archer_c5",
                "vendor": "tp-link",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:tp-link:archer_c7_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "archer_c7_firmware",
                "vendor": "tp-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "v2_230602"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39224",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-26T20:11:36.456112Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-26T20:13:06.770Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Archer C5",
              "vendor": "TP-LINK",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware all versions"
                }
              ]
            },
            {
              "product": "Archer C7",
              "vendor": "TP-LINK",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware versions prior to \u0027Archer C7(JP)_V2_230602\u0027"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Archer C5 firmware all versions and Archer C7 firmware versions prior to \u0027Archer C7(JP)_V2_230602\u0027 allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-06T09:22:59.282Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU99392903/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-39224",
        "datePublished": "2023-09-06T09:22:59.282Z",
        "dateReserved": "2023-08-15T07:33:33.886Z",
        "dateUpdated": "2024-09-26T20:13:06.770Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-4498 (GCVE-0-2022-4498)

    Vulnerability from cvelistv5 – Published: 2023-01-11 20:38 – Updated: 2025-11-04 19:14
    VLAI
    Title
    A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.
    Summary
    In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T19:14:14.345Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.cert.org/vuls/id/572615"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/572615"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4498",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T14:14:59.035196Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T14:15:15.560Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WR710N",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1-151022"
                }
              ]
            },
            {
              "product": "Archer C5",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V2_160221_US"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-11T20:38:37.312Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://kb.cert.org/vuls/id/572615"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.",
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api//cve/CVE-2022-4498"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2022-4498",
        "datePublished": "2023-01-11T20:38:37.312Z",
        "dateReserved": "2022-12-14T17:59:41.586Z",
        "dateUpdated": "2025-11-04T19:14:14.345Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-4499 (GCVE-0-2022-4499)

    Vulnerability from cvelistv5 – Published: 2023-01-11 18:48 – Updated: 2025-11-04 19:14
    VLAI
    Title
    The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.
    Summary
    TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T19:14:15.425Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.cert.org/vuls/id/572615"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/572615"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4499",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T13:40:07.571499Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T13:40:37.438Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WR710N",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1-151022"
                }
              ]
            },
            {
              "product": "Archer C5",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V2_160221_US"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-676",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-12T17:03:51.519Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://kb.cert.org/vuls/id/572615"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.",
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2022-4499"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2022-4499",
        "datePublished": "2023-01-11T18:48:41.778Z",
        "dateReserved": "2022-12-14T18:09:49.250Z",
        "dateUpdated": "2025-11-04T19:14:15.425Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }