OpenCVE

TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Tp-link	Archer C5 Archer C5 Firmware Tl-wr710n Tl-wr710n Firmware

Configuration 1 [-]

AND

cpe:2.3:o:tp-link:archer_c5_firmware:2_160201_us:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:archer_c5:2.0:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:tp-link:tl-wr710n_firmware:1_151022_us:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:tl-wr710n:1.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://kb.cert.org/vuls/id/572615

History

No history.

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2023-01-11T18:48:41.778Z

Updated: 2024-08-03T01:41:45.010Z

Reserved: 2022-12-14T18:09:49.250Z

Link: CVE-2022-4499

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-01-11T19:15:10.170

Modified: 2024-11-21T07:35:23.177

Link: CVE-2022-4499

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:archer_c5_firmware:2_160201_us:*:*:*:*:*:*:*", "matchCriteriaId": "B7CD0ED5-31F0-47CD-AC06-FA1909722F91", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:archer_c5:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1FE42DA9-9225-4D3F-920E-DD826369FB49", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:tl-wr710n_firmware:1_151022_us:*:*:*:*:*:*:*", "matchCriteriaId": "343FFD09-AE5D-48F3-A6A9-F28A66D3D49D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:tl-wr710n:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0E936B0D-9F70-4F35-A135-6255FA6405DF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password."}, {"lang": "es", "value": "Los routers TP-Link, Archer C5 y WR710N-V1, que utilizan el software m\u00e1s reciente, la funci\u00f3n strcmp utilizada para verificar las credenciales en httpd, son susceptibles a un ataque de canal lateral. Al medir el tiempo de respuesta del proceso httpd, un atacante podr\u00eda adivinar cada byte del nombre de usuario y la contrase\u00f1a."}], "id": "CVE-2022-4499", "lastModified": "2024-11-21T07:35:23.177", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-11T19:15:10.170", "references": [{"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://kb.cert.org/vuls/id/572615"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://kb.cert.org/vuls/id/572615"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-203"}], "source": "nvd@nist.gov", "type": "Primary"}]}