cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-39224,https://securityvulnerability.io/vulnerability/CVE-2023-39224,OS Command Execution Vulnerability in TP-Link Archer C5 and C7 Routers,"The Archer C5 and earlier versions of the Archer C7 firmware have a vulnerability that permits a network-adjacent authenticated attacker to execute arbitrary operating system commands. Notably, the Archer C5 product is no longer supported, meaning users of this device will not receive an update to mitigate this vulnerability. Users should take immediate action to secure their network against potential exploits exploiting this weakness.",Tp-link,"Archer C5,Archer C7",8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-09-06T10:15:00.000Z,0
CVE-2022-4498,https://securityvulnerability.io/vulnerability/CVE-2022-4498,"A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.","The vulnerability in TP-Link routers, specifically the Archer C5 and WR710N-V1 models, allows for a heap overflow through crafted packets sent during HTTP Basic Authentication. This flaw can lead to a denial of service by crashing the httpd service or facilitate arbitrary code execution, jeopardizing the security and functionality of the affected devices. It is crucial for users to apply mitigations and updates to safeguard against potential exploitation.",Tp-link,"Wr710n,Archer C5",9.8,CRITICAL,0.01624000072479248,false,false,false,false,,false,false,2023-01-11T20:38:37.312Z,0
CVE-2022-4499,https://securityvulnerability.io/vulnerability/CVE-2022-4499,"The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.","The Archer C5 and WR710N-V1 routers by TP-Link utilize the strcmp function within their httpd process for credential verification. This implementation flaw makes these routers vulnerable to side-channel attacks, allowing attackers to infer sensitive usernames and passwords by analyzing the response times of the httpd process. Such timing attacks can lead to unauthorized access, making it crucial for users to assess their router's security configurations.",Tp-link,"Wr710n,Archer C5",7.5,HIGH,0.006810000166296959,false,false,false,false,,false,false,2023-01-11T18:48:41.778Z,0
CVE-2018-19537,https://securityvulnerability.io/vulnerability/CVE-2018-19537,,TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases.,Tp-link,Archer C5 Firmware,7.2,HIGH,0.010569999925792217,false,false,false,true,true,false,false,2018-11-26T03:00:00.000Z,0