cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-4498,https://securityvulnerability.io/vulnerability/CVE-2022-4498,"A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.","The vulnerability in TP-Link routers, specifically the Archer C5 and WR710N-V1 models, allows for a heap overflow through crafted packets sent during HTTP Basic Authentication. This flaw can lead to a denial of service by crashing the httpd service or facilitate arbitrary code execution, jeopardizing the security and functionality of the affected devices. It is crucial for users to apply mitigations and updates to safeguard against potential exploitation.",Tp-link,"Wr710n,Archer C5",9.8,CRITICAL,0.01624000072479248,false,false,false,false,,false,false,2023-01-11T20:38:37.312Z,0
CVE-2022-4499,https://securityvulnerability.io/vulnerability/CVE-2022-4499,"The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.","The Archer C5 and WR710N-V1 routers by TP-Link utilize the strcmp function within their httpd process for credential verification. This implementation flaw makes these routers vulnerable to side-channel attacks, allowing attackers to infer sensitive usernames and passwords by analyzing the response times of the httpd process. Such timing attacks can lead to unauthorized access, making it crucial for users to assess their router's security configurations.",Tp-link,"Wr710n,Archer C5",7.5,HIGH,0.006810000166296959,false,false,false,false,,false,false,2023-01-11T18:48:41.778Z,0