Jonathan Bar

**Name of the Vulnerable Software and Affected Versions** TP-Link Archer C5 version 2 TP-Link WR710N version 1 **Description** The issue is related to the strcmp function used for checking credentials in the httpd process of TP-Link routers. This function is susceptible to a side-channel attack, where an attacker could measure the response time of the httpd process to guess each byte of the username and password. This could allow a remote attacker to gain unauthorized access to protected information. **Recommendations** For TP-Link Archer C5 version 2, consider disabling the httpd process until a patch is available. For TP-Link WR710N version 1, restrict access to the httpd process to minimize the risk of exploitation. As a temporary workaround, consider implementing additional authentication measures to reduce the risk of unauthorized access.

**Name of the Vulnerable Software and Affected Versions** TP-Link Archer C5 version 2 TP-Link WR710N version 1 **Description** The issue is related to a heap-based buffer overflow when handling packets, which can be exploited by a remote attacker to execute arbitrary code or cause a denial of service. The `httpd` service is vulnerable when receiving HTTP Basic Authentication, allowing a crafted packet to cause a heap overflow. This can result in either a denial of service by crashing the `httpd` process or arbitrary code execution. **Recommendations** For TP-Link Archer C5 version 2, consider disabling the `httpd` service until a patch is available to prevent exploitation. For TP-Link WR710N version 1, restrict access to the `httpd` service to minimize the risk of exploitation.