Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.
Vulnerability Description
TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TP-Link Archer C5 安全漏洞
Vulnerability Description
TP-LINK Archer C5是中国普联(TP-LINK)公司的一款无线路由器。 TP-Link Archer C5 存在安全漏洞,该漏洞源于其使用的最新的软件用于检查httpd中的凭据的strcmp函数,允许攻击者通过侧通道攻击测量httpd进程的响应时间导致攻击者可以猜测用户名和密码的每个字节。
CVSS Information
N/A
Vulnerability Type
N/A