Vulnerabilities related to TP-Link - WR710N
cve-2022-4498
Vulnerability from cvelistv5
Published: 2023-01-11 20:38
Modified: 2024-08-03 01:41
Summary
In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or arbitrary code execution.
References
| URL | Tags |
|---|---|
| https://kb.cert.org/vuls/id/572615 | |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T01:41:44.949Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://kb.cert.org/vuls/id/572615", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "WR710N", vendor: "TP-Link", versions: [ { status: "affected", version: "V1-151022", }, ], }, { product: "Archer C5", vendor: "TP-Link", versions: [ { status: "affected", version: "V2_160221_US", }, ], }, ], descriptions: [ { lang: "en", value: "In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-11T20:38:37.312Z", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { url: "https://kb.cert.org/vuls/id/572615", }, ], source: { discovery: "UNKNOWN", }, title: "A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.", x_generator: { engine: "VINCE 2.0.5", env: "prod", origin: "https://cveawg.mitre.org/api//cve/CVE-2022-4498", }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2022-4498", datePublished: "2023-01-11T20:38:37.312Z", dateReserved: "2022-12-14T17:59:41.586Z", dateUpdated: "2024-08-03T01:41:44.949Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-4499
Vulnerability from cvelistv5
Published: 2023-01-11 18:48
Modified: 2024-08-03 01:41
Summary
In TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password.
References
| URL | Tags |
|---|---|
| https://kb.cert.org/vuls/id/572615 | |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T01:41:45.010Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://kb.cert.org/vuls/id/572615", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "WR710N", vendor: "TP-Link", versions: [ { status: "affected", version: "V1-151022", }, ], }, { product: "Archer C5", vendor: "TP-Link", versions: [ { status: "affected", version: "V2_160221_US", }, ], }, ], descriptions: [ { lang: "en", value: "TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-676", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-12T17:03:51.519Z", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { url: "https://kb.cert.org/vuls/id/572615", }, ], source: { discovery: "UNKNOWN", }, title: "The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.", x_generator: { engine: "VINCE 2.0.5", env: "prod", origin: "https://cveawg.mitre.org/api/cve/CVE-2022-4499", }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2022-4499", datePublished: "2023-01-11T18:48:41.778Z", dateReserved: "2022-12-14T18:09:49.250Z", dateUpdated: "2024-08-03T01:41:45.010Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }